Re: [Last-Call] Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Fernando,

Thanks for your quick response.  I’d say that we are pretty much in line.  One additional comment:


Note that we do *not* target service ports. Those ports are not "transient numeric identifiers", because the server-side port has overloaded semantics (it identifies the service) -- so it *has* to be a specific value. Only if, say, a system were using something ala e.g. SRV records, servers could use "transient numeric identifiers”.


Along with considering perhaps a tweak or two based on the previous message, I hope we can collaborate over time on the privacy aspects of service discovery that might further reduce the need for the port registry.

Eliot

Attachment: signature.asc
Description: Message signed with OpenPGP

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux