[Last-Call] Re: [Extra] Secdir last call review of draft-ietf-extra-imap-messagelimit-08

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Kathleen,

Thank you for your review!

On 31/05/2024 22:16, Kathleen Moriarty via Datatracker wrote:
Reviewer: Kathleen Moriarty
Review result: Ready

The extension restricts the number of messages that can be processed with a
command. The security considerations section notes that new bugs could
potentially be introduced, and that quality assurance testing will be used to
mitigate that possibility.

Restrictions or setting limits typically helps to prevent security problems
such as buffer overruns, so the extension could be helpful from a security
persective preventing DoS attacks or other exploits of the server or server
resources.

If the team would like to add something to that effect into the security
considerations, it is reasonable.

Ok, we will add.

Best Regards,

Alexey

-- 
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux