Hi,
Looking at the document, draft-ietf-opes-smtp-security-00, I suggest
that the work in section 5 relate to Security Threats and Risks for Open
(RFC 3837) and state the additional risks and counter measures that
applies to the SMTP case.
I think that the security section (section 5) is weak and need to be
beefed up.
I did not see clear next on how notifications are addressed.
In my opinion, the document is not ready for last call.
Cheers,
Abbie
-----Original Message-----
From: owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-openproxy(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Markus
Hofmann
Sent: Saturday, August 12, 2006 8:48 AM
To: OPES Group
Subject: OPES WG Status
Folks,
given the inactivity over the last few months, we'll be closing down the
OPES WG.
The WG has achieved all but the last work item. Ten documents reached
RFC status, one document on "Integrity, privacy and security in OPES for
SMTP" (draft-ietf-opes-smtp-security-00) is still open.
It would be nice to finish this last document (addressing IAB
consideration for OPES with respect to SMTP) in order to have a
foundation for possible individual work on OPES/SMTP (i.e. if an
individual is interested after the WG wraps up).
We will be issuing a WG Last Call on this document in separate email.
However, the document will be forwarded to IESG only if we receive at
least THREE positive reviews, along the lines of "I have read it and
think it is ready for last call".
If we don't get at least three positive reviews, we'll consider sending
out the document as Informal or Experimental with a proposed note
stating "Published as a record of the work", which highlights that the
work did not fully complete.
After that, we'll close down the OPES WG.
So, please take a look at draft-ietf-opes-smtp-security-00
(http://ietf.org/internet-drafts/draft-ietf-opes-smtp-security-00.txt)
and let me know if you support handing this to IESG for consideration.
We need at least THREE positive reviews.
Thanks,
Markus