Hi all,
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
This document defines a document format (iCalendar) for expressing
calendaring information. This format does not contain mechanisms for
providing security features to the information encoded in it, but there
is appropriate text in the Security Considerations to guide protocols
that might carry iCalendar documents.
My only real concern is the ambiguity of the "Binary" value data type.
The other value data types defined in this document have clear semantics
attached that indicate how a compliant parser might handle the encoded
data. The Binary type defines how to decode the included data, but not
what sort of information this data conveys. Without further context to
guide processing of this information, I'm concerned that this could lead
to implementations that attempt to guess the type of binary content. I
would suggest adding text to Section 3.2.20 of the following character:
"
If this parameter indicates that the type of the property value is
BINARY, then the FMTTYPE paramter MUST be set in order to indicate the
MIME type of the encoded binary information.
"
In general, though, I think this document is ready to go.
--Richard
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf