[Last-Call] Secdir last call review of draft-ietf-dnsop-server-cookies-04

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Stephen Farrell
Review result: Has Issues

I see two issues here worth checking:

1. I don't recall SipHash being used as a MAC in
any IETF standard before. We normally use HMAC,
even if truncated. Why make this change and was
that checked with e.g. CFRG? (And the URL given
in the reference gets me a 404.)

2. Is it really a good idea to use a 32 bit seconds
since 1970-01-01 in 2020? I'd have thought that e.g.
a timestamp in hours since then or seconds since
some date in 2020 would be better.

Here's a couple of nits too:
- section 1: what's a "strong cookie"?
- "gallimaufry" - cute! but not sure it'll help readers to learn that word.




-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux