Ben Campbell has entered the following ballot position for draft-ietf-uta-smtp-tlsrpt-18: Yes
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-uta-smtp-tlsrpt/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- [Thank you for responding to my DISCUSS points via email. I have cleared, but I do how to see more explicit discussion in the security considerations.] Substantive: §1.1: There are at least a few lower case instances of 2119 keywords. Please consider using the boilerplate from RFC 8174 instead of 2119. §5.3, first paragraph: The paragraph claims that this document defines "multipart/report". In fact, it does not. §5.4, 2nd paragraph: " A reporting entity HOULD expect a "successful" response from the accepting HTTPS server...": I'm not sure how to interpret a normative requirement to expect success. What is the real intent here? Editorial and Nits: §1, paragraph 1, 2nd sentence: The sentence is convoluted. Can it be broken into multiple simpler sentences? §1.1, Policy Domain: The definition is partially circular. Please define what is meant by "domain". I assume that means domain in the DNS sense, but the word "domain" is commonly uses in other senses as well. Please be explicit. _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
