Secdir last call review of draft-wilde-service-link-rel-06

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Stefan Santesson
Review result: Has Issues

Even though this document is quite repetitive when describing its fundamental
concepts, I still had a problem figuring out whether the link relations defined
are applicable to any web resource, or just to "web services" in the context of
"service provided to another service".

I have no issues with the fundamental concept, but the document lacks security
considerations. The content of the section is "..." indicating that something
eventually is intended to go here, but has not yet been written. If there are
absolutely no security considerations, then the section should say so.

I do however think that there are some useful security considerations to
document. At least it may be useful to have a small discussion to consider what
information about a service that is helpful to a user, and which could be used
by an attacker, and find a good balance.

As a nit I would suggest shortening some of the fundamental description in the
early introduction that is being repeated in the document. The document is
rather short and therefore does not benefit from saying the same things many
times.




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux