From: "David Harrington" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, "'IETF Discussion'" <[EMAIL PROTECTED]> Subject: secdir review of draft-snell-atompub-bidi-06 Date: Tue, 15 Apr 2008 17:11:11 -0700 X-Mailer: Microsoft Office Outlook 11 thread-index: AcicP4xAEql3hBnfTzalGQ9Wp83xJwDE3M2g Cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] X-BeenThere: [EMAIL PROTECTED] X-Mailman-Version: 2.1.9 List-Id: IETF Discussion <ietf.ietf.org> List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:[EMAIL PROTECTED]> List-Post: <mailto:[EMAIL PROTECTED]> List-Help: <mailto:[EMAIL PROTECTED]> List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:[EMAIL PROTECTED]> Sender: [EMAIL PROTECTED]I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. draft-snell-atompub-bidi-06 is a very short document and adds an experimental attribute to the atom syndication format to indicate whether text should be presented left-to-right or right-to-left. This experimental approach would replace the current "direction guessing" heuristic approach. I see nothing that leads me to believe there is any additional security consideration that is not already discussed in the security considerations of RFC4287 "The Atom Syndication Protocol". RFC4287 considers the HTML/XHTML content, URIs, IRIs, Spoofing, and encryption and digital signatures. David Harrington [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
