SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Editorial comments on security draft.



     

    Here are my comments on the security draft.

     

    Elizabeth

     

     

    Acronym SPI not defined.  [First used at bottom of pg 5]

     

    NCITS has officially changed its name to INCITS (InterNational Committee for Informational Technology Standards)  [Section 1.5, Fibre Channel definition, bottom of pg 6]

     

    FCIP definition centers on SANs.  FC/FCIP are not storage/SAN specific.  Not sure how to address/how important it is to address, since it is true that a majority of FC is storage centric.

    Maybe either in FCIP definition or in FCIP overview, note that the focus of this document is storage, but that FCIP may transport not FCP frames?  [1.3 FCIP overview, pg. 5; 1.5 FCIP definition, pg 7]

     

    Typo:  two spaces between Conformant & IP [Section 2.3.2, pg. 12]

     

    Typo:  addreses – should be addresses.  [Section 2.3.3; third line of pg 13]

     

    Typo:  vulnerabile – should be vulnerable [Section 2.3.3; fourth line of pg 13]

     

    Typo:  intiating – should be initiating [Section 2.3.4; 6th line in paragraph above bullet [4], pg. 15]

     

    Typo: double ‘the’ [Section 2.3.4; 1st line of bullet [4], pg 15]

     

    Typo: double ‘the’ [Section 2.5.1; 3rd line of bullet [g], pg. 19]

     

    Typo:  double ‘the’ [Section 2.5.1; 3rd line of bullet [h], pg 20]

     

    Typo:  double ‘the’ [Section 2.5.1; 3rd line of bullet [i], pg 20]

     

    Suggested rewording:  [Section 2.5.3, 1st full paragraph on pg. 22]

    Current: “Use of IPsec for SLPv2 security has advantages over SLPv2 authentication as defined in [RFC2608], which does not provide a way to authenticate "zero result responses", leaving SLPv2 vulnerable to a denial of service attack.” 

    This sentence was confusing to me.  Suggested rewording to

    Use of IPsec for SLPv2 security has advantages over SLPv2 authentication as defined in [RFC2608].  The latter does not provide a way to authenticate "zero result responses", which leaves SLPv2 vulnerable to a denial of service attack.” 

     

    Typo:  double ‘could’ [Section 2.6; 2nd line of bullet [2], pg. 22]

     

    Typo:  desireable – Should be desirable. [Section 2.6, Third line of bullet [a], pg 23]

     

    Consistency:  IPSec instead of IPsec used in several places, beginning in Section 2.6.1

                [Section 2.6.1; 3rd paragraph of page 24, 3rd line]

                [Section 2.6.1; 5th paragraph of page 24, 3rd line]

                [Section 2.6.2; 2nd to last line of 1st paragraph of section, pg 24]

                [Section 2.6.2; 1st line of 2nd paragraph of section, pg 24]

     

    Typo: addreses – should be addresses [Section 2.6.4; 2nd to last line of 1st paragraph on pg. 26]

     

    Typo: desireable – should be administrative [Section 5.1.1; bullet [1], 2nd line, pg. 36

     

    Typo: Gbs – should be Gbps [Section 5.4, 2nd paragraph, 4th line, pg 37]

     

    Typo: Thuss – should be Thus [Section 5.4; 2nd to last paragraph on pg 38, 3rd to last line]

     

    Typo:  intial – should be initial.  [Section 5.6; 2nd paragraph, 2nd line on page 42]

     

    Typo: Space between Kent & S. [[RFC 2406], pg. 48]

     

    Update iFCP reference to draft 12; the WG last call version [[iFCP], pg 49]

     

    Update FCIP reference to draft 11; the WG last call version. [[FCIP], pg. 49]

     

    I know the above two are listed as WIP, but since they have completed WG last call, probably should update their references to the versions that will go to the IESG.

     

    Typo: cut & paste error “, which includes support for bi-directional authentication” between “(work in” and “progress)”

     

    Typo:  et.al. – should be et al. (there is currently a period between et & al) [[iSCSIName], pg 49]

     

    Typo:  Split draft name with “, which includes support for bi-directional authentication” [[iSCSIName], pg 49]

     

    Typo:  Split draft name with “, which includes support for bi-directional authentication” [[iSCSISLP], pg 49]

     

    Typo: Space between Kent & S. [[RFC 2402], pg. 50]

     

    Typo:  Extra space after Gulbrandsen  and extra ‘.’ and space before Vixie.[[RFC 2782], pg. 50]

     

    Typo:  et.al. – should be et al. (there is currently a period between et & al) [[iSCSIREQ], pg 50]

     

    Update iSCSIREQ reference to draft 6, the IESG last call version.

     

    Typo:  implementers – should be implementers [Intellectual Property Statement]

     

    Also, would seem to me that we would need the IPR boilerplate

     

    "The IETF has been notified of intellectual property rights

    claimed in regard to some or all of the specification contained

    in this document.  For more information consult the online list

    of claimed rights."

     

    Taken from section 10.4 (D) of RFC 2026.

     

    Instead of the IPR statement already in the document?

     

     



Home

Last updated: Mon Jul 01 04:18:44 2002
11027 messages in chronological order