Yoav,

Thanks for this review. I think that you are right in your comment and your suggestion is a good one. I will update the text and submit version -03.

It has been suggested to add a reference to the LDAP security considerations, which I think is sensible and I will also make this change.

Regards

Steve

> -----Original Message-----
> From: Yoav Nir [mailto:ynir.ietf@xxxxxxxxx]
> Sent: 08 September 2017 22:25
> To: secdir@xxxxxxxx
> Cc: draft-kille-ldap-xmpp-schema.all@xxxxxxxx; ietf@xxxxxxxx
> Subject: Secdir last call review of draft-kille-ldap-xmpp-schema-02
>
> Reviewer: Yoav Nir
> Review result: Has Nits
>
> The document defines a couple of OIDs for associating a Jabber ID with an
> LDAP object. As such, it is very short and straightforward. I'm not too happy
> with the Security Considerations section, which I'll quote here in its entirety:
>
> "This schema enables publishing for XMPP JIDs, and care should be taken to
> ensure that this information is not accessed inappropriately."
>
> This is rather generic, and it's true for any piece of information stored
> anywhere. If that is all there is to say, the section might as well read "This
> document only registers OIDs and has no special security considerations."
>
> However, I think there is a point that may need to be mentioned. Using this
> extension links a JID, which is a personal identifier that often appears on the
> public Internet (much like an email address), to an LDAP object, which is
> usually limited to an organization, usually the employer of that person. This
> linkability only exists for people who have access to the LDAP server, so it's
> just that users have to take the same care with JIDs that they do with email
> addresses - if you don't want your XMPP messages linked to your employer,
> or linked to you by your employer, it is better to use a private JID that is not
> linked to your employer's LDAP.
>
> This advice to users may be out of scope, but I would like to see a mention
> that JIDs are generally public and pseudonymous, and this links them to a real
> person within an LDAP domain.
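The review's point is that the JID-to-person linkage is only as exposed as the LDAP directory that stores it. The fragment below is an added example, not text from the draft or from either message above: an OpenLDAP cn=config access-control change that keeps the JID attribute readable by authenticated directory users while denying it to anonymous binds. It assumes the attribute is named jabberID (the draft is not quoted here, so the name is an assumption), that the directory backend is olcDatabase={1}mdb, and that the directory manager is cn=admin,dc=example,dc=com; adjust all three to the real deployment.

```ldif
# Added example (not from the draft or the review). Assumed names:
#   attribute  jabberID                      (the draft's JID attribute)
#   database   olcDatabase={1}mdb,cn=config  (the backend holding people entries)
#   manager    cn=admin,dc=example,dc=com    (directory administrator)
#
# Weak setting, shown for contrast (do NOT apply):
#   olcAccess: {0}to * by * read
# With that rule an anonymous bind can read jabberID and so link a public,
# pseudonymous JID to a named person in the organisation's directory.
#
# Hardened setting: the JID attribute is written only by the manager and the
# entry owner, readable by authenticated users, and invisible to anonymous.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=jabberID
  by dn.exact="cn=admin,dc=example,dc=com" write
  by self write
  by users read
  by * none
olcAccess: {1}to attrs=userPassword
  by dn.exact="cn=admin,dc=example,dc=com" write
  by self write
  by anonymous auth
  by * none
olcAccess: {2}to *
  by dn.exact="cn=admin,dc=example,dc=com" write
  by self write
  by users read
  by * none
```

Apply with `ldapmodify -Y EXTERNAL -H ldapi:/// -f <file>` on the directory host, then check the effect from outside with an anonymous search such as `ldapsearch -x -H ldap://<host> -b dc=example,dc=com jabberID`: the entries should come back without the jabberID attribute, while the same search after an authenticated bind (`-D ... -W`) returns it. The ordering matters, since OpenLDAP evaluates olcAccess rules in index order and stops at the first matching `to` clause, so the attribute-specific rule must precede the catch-all.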