Black, David writes: > I like Amanda’s suggestion of: “Expert Review with RFC Required” > That should result in two security reviews of a new TEP, both of > which could halt a weak one. Looking at the Independent Submission > track as the “path of least resistance” that would be the IETF > Security Area (ADs and Directorate) as part of RFC publication plus > an IANA expert review as part of codepoint assignment. Thank you, > Amanda.
We (talking as secdir secretary) do not do security reviews on the independent submission documents. Area review teams only review IETF stream documents and ignore other streams (Independent, IAB, IRTF etc). Expert can of course do whatever checks he wants, and the IANA section can set some instructions for expert, for example ask him to verify in the specific mailing list before doing assignments etc. I as an IANA expert for the IKEv2 related registries (it is just expert review, no specification or RFC required) usually do require stable reference before I say assignment is ok. I also quite often send email to the ip...@ietf.org list before doing assignments, if I think there is something that might be important to people there. Anyways everything this boils down getting expert for the IANA registry that we (as an IETF) can trust do good job of blocking bad ideas... -- kivi...@iki.fi _______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
