Lars Eggert has entered the following ballot position for draft-ietf-opsec-indicators-of-compromise-03: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-opsec-indicators-of-compromise/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # GEN AD review of draft-ietf-opsec-indicators-of-compromise-03 CC @larseggert Thanks to Vijay Gurbani for the General Area Review Team (Gen-ART) review (https://mailarchive.ietf.org/arch/msg/gen-art/f4qDRffPWyGDKXuxNbrb5UVwU38). ## Comments ### Inclusive language Found terminology that should be reviewed for inclusivity; see https://www.rfc-editor.org/part2/#inclusive_language for background and more guidance: * Term `master`; alternatives might be `active`, `central`, `initiator`, `leader`, `main`, `orchestrator`, `parent`, `primary`, `server` ## Nits All comments below are about very minor potential issues that you may choose to address in some way - or ignore - as you see fit. Some were flagged by automated tools (via https://github.com/larseggert/ietf-reviewtool), so there will likely be some false positives. There is no need to let me know what you did with these suggestions. ### URLs These URLs in the document did not return content: * https://cert.europa.eu/static/WhitePapers/UPDATED-CERT-EU_Security_Whitepaper_2014-007_Kerberos_Golden_Ticket_Protection_v1_4.pdf ### Grammar/style #### Section 1, paragraph 1 ``` nce: the activity of providing cyber security to an environment through the ^^^^^^^^^^^^^^ ``` The word "cybersecurity" is spelled as one. #### Section 2, paragraph 5 ``` twork defenders (blue teams) to pro-actively block malicious traffic or code ^^^^^^^^^^^^ ``` This word is normally spelled as one. #### Section 3.2.2, paragraph 1 ``` roups to national governmental cyber security organisations and internationa ^^^^^^^^^^^^^^ ``` The word "cybersecurity" is spelled as one. #### Section 3.2.7, paragraph 1 ``` rce malware can be deployed by many different actors, each using their own T ^^^^^^^^^^^^^^ ``` Consider using "many". #### Section 4.1.1, paragraph 3 ``` security controls monitoring numerous different types of activity within net ^^^^^^^^^^^^^^^^^^ ``` Consider using "numerous". #### Section 5.1.3, paragraph 1 ``` the ongoing legitimate use. In a similar manner, a file hash representing an ^^^^^^^^^^^^^^^^^^^ ``` Consider replacing this phrase with the adverb "similarly" to avoid wordiness. #### Section 5.2.1, paragraph 2 ``` member expertise (particularly the further the lower bound extends below the ^^^^^^^ ``` It appears that a comma is missing. #### Section 5.2.1, paragraph 2 ``` rust. Trust within such groups appears often strongest where members: intera ^^^^^^^^^^^^^ ``` The adverb "often" is usually put before the verb "appears". #### Section 5.2.2, paragraph 2 ``` uational awareness is much more time consuming. A third important considerati ^^^^^^^^^^^^^^ ``` This word is normally spelled with a hyphen. #### Section 5.2.2, paragraph 3 ``` C, as anything more granular is time consuming and complicated to manage. In ^^^^^^^^^^^^^^ ``` This word is normally spelled with a hyphen. #### Section 5.3, paragraph 2 ``` of call for protection from intrusion but endpoint solutions aren't a panacea ^^^^ ``` Use a comma before "but" if it connects two independent clauses (unless they are closely connected and short). #### Section 6.1, paragraph 4 ``` out of scope for this draft. Note too that DNS goes through firewalls, proxie ^^^^^^^^ ``` Did you mean "to that"? ## Notes This review is in the ["IETF Comments" Markdown format][ICMF], You can use the [`ietf-comments` tool][ICT] to automatically convert this review into individual GitHub issues. Review generated by the [`ietf-reviewtool`][IRT]. [ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md [ICT]: https://github.com/mnot/ietf-comments [IRT]: https://github.com/larseggert/ietf-reviewtool _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
