Thank you Alissa,
Comments inline prefixed with GL-
Regards,
Gustavo
On 4/9/20, 06:48, "regext on behalf of Alissa Cooper via Datatracker"
<regext-boun...@ietf.org on behalf of nore...@ietf.org> wrote:
Alissa Cooper has entered the following ballot position for
draft-ietf-regext-data-escrow-07: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_iesg_statement_discuss-2Dcriteria.html&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=hcpPqoVjnm9-aoinq9ndolZqJuxMFPlrXAwKp9NNEi4&e=
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dregext-2Ddata-2Descrow_&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=tOGRD4dNp47NFz1LacDypLNFM0wMf5om9bc9_HKbQMg&e=
----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------
I support Benjamin's DISCUSS and Roman's last DISCUSS point.
GL - The latest version of the draft covers the feedback from Roman (DISCUSS
cleared), and I also believe Benjamin's feedback (waiting for his response)
Regarding Section
11, there are often legal agreements in place that govern all sorts of
things
about how protocols transfer data between parties, but those are not the
main
thing to document in an RFC. Section 11 should be documenting the technical
considerations for how to protect the data that may be escrowed.
GL - draft-ietf-regext-data-escrow describes a standardized format for escrow,
and it's not a document specifying escrow services (i.e., no definition of a
transport protocol, signaling mechanism, etc.). Section 11 has been strengthen
based on the comments from other IESG's members, and I believe it's in good
shape now.
Here are the differences between 07 and 08, and 08 and 09:
https://tools.ietf.org/rfcdiff?url2=draft-ietf-regext-data-escrow-08.txt
https://tools.ietf.org/rfcdiff?url2=draft-ietf-regext-data-escrow-09.txt
I think that a draft describing the best security / operational practices for
escrow service providers could be a good idea. In the case of the gTLD space,
there is no urgency for such a document, as the security / operational
requirements are detailed in legal agreements.
Hopefully, this clarifies my previous comments.
_______________________________________________
regext mailing list
regext@ietf.org
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_regext&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=gtb7G2HcGVH0Nkn1jQNw3zcDejr56jw5emEs2RK8ilw&e=
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
