Benjamin Kaduk has entered the following ballot position for draft-ietf-netmod-module-tags-07: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-netmod-module-tags/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I think this document does introduce new security considerations, specifically the ability for one user to remove ("mask") tags from being visible to other users. A malicious user could interfere with the operations of other users/entities, especially in the case mentioned in an example where multiple semi-independent clients use tags to indicate modules to avoid that may be broken. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Section 2 Similarly to Alissa's DISCUSS, perhaps "registered prefix" is better than "standard prefix". Section 2.4 Similarly, "future registration" or "future use" seem to be better fits for the intended sentiment. Section 3.2 I may be misreading, but this seems to be encouraging implementations to add new ietf:-prefixed tags that are not necessarily registered or specified in IETF-consensus documents. Section 7.2 This registry allocates prefixes that have the standard prefix "ietf:". [...] The registry name just talks about "tags"; are we really allocating *prefix*es? _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
