[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evaluation: draft-ietf-smime-x400wrap - Securing X.400 Content with S/MIME to Proposed Standard

To: IESG Secretary <iesg-secretary@ietf.org>
Subject: Re: Evaluation: draft-ietf-smime-x400wrap - Securing X.400 Content with S/MIME to Proposed Standard
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Wed, 11 Jun 2003 11:32:23 -0400
Cc: iesg@ietf.org

In message <200306021541.LAA12458@ietf.org>, IESG Secretary writes:
>
>Last Call to expire on: November 20, 2001
>
>	Please return the full line with your position.
>
>                    Yes    No-Objection  Discuss *  Abstain  
>
>Steve Bellovin      [   ]     [   ]       [ X ]      [   ] 

The Security Considerations section of both documents is inadequate.  
(The phrase "the entire document is about security" is almost as bad as 
"security is not discussed".)  Are there new security issues raised by 
this?  If so, outline them.  If not, say that, explicitly.  The 
pointers to the other documents are fine.  If the new text is simple 
enough, it can be inserted via an RFC Editor's note.

Why isn't AES listed, at least as a SHOULD?

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

Prev by Date: Re: draft-ietf-ipv6-unicast-aggr-v2-02.txt
Next by Date: Re: 57th IETF WG/BOF Scheduling - Draft Agenda (as of June 10th)
Previous by thread: Evaluation: draft-ietf-smime-x400wrap - Securing X.400 Content with S/MIME to Proposed Standard
Next by thread: Evaluation: draft-nesser-otp-sha-256-384-512 - AES Companion Hash Definitions (SHA256, SHA384, SHA512) for OTP to Proposed Standard
Index(es):
- Date
- Thread