Re: [apps-discuss] APPSDIR review of draft-ietf-nea-pt-tls-04

[Alexey Melnikov <alexey.melnikov@xxxxxxxxx>]

Hi Paul,

On 14/06/2012 05:11, Paul Sangster wrote:
> > -----Original Message-----
> > From: Alexey Melnikov [mailto:alexey.melnikov@xxxxxxxxx]
> > Sent: Wednesday, June 13, 2012 3:47 AM
> > To: apps-discuss@xxxxxxxx; draft-ietf-nea-pt-tls.all@xxxxxxxxxxxxxx
> > Cc: ietf@xxxxxxxx
> > Subject: Re: [apps-discuss] APPSDIR review of draft-ietf-nea-pt-tls-04
> >
> > On 04/06/2012 20:01, Alexey Melnikov wrote:
> > > I have been selected as the Applications Area Directorate reviewer
> > for
> > > this draft (for background on APPSDIR, please see
> > http://trac.tools.ietf.org/area/app/trac/wiki/ApplicationsAreaDirectora
> > te
> > > ).
> > >
> > > Please resolve these comments along with any other Last Call comments
> > > you may receive. Please wait for direction from your document
> > shepherd
> > > or AD before posting a new version of the draft.  The review is not
> > > copied to the IESG as the Last Call has not been announced yet.
> > >
> > > Document: draft-ietf-nea-pt-tls-04
> > > Title: PT-TLS: A TCP-based Posture Transport (PT) Protocol
> > > Reviewer: Alexey Melnikov
> > > Review Date: June 4, 2012
> > >
> > > Summary: This document is almost ready for publication as a Proposed
> > > Standard, although some [mostly] SASL related issues remain.
> > >
> > > This document specifies PT-TLS, a TCP-based Posture Transport (PT)
> > > protocol.  The PT-TLS protocol carries the Network Endpoint
> > > Assessment (NEA) message exchange under the protection of a Transport
> > > Layer Security (TLS) secured tunnel.
> > >
> > > (Note, I've reviewed -04, but I think all of this still applies to -
> > 05.)
> > Additional issues in -05:
> >
> > 1) I didn't find the updated text prohibiting TLS renegotiation to be
> > any clearer in -05? Can you maybe try to explain what is allowed and
> > what is not?
> [PS:] The editors will discuss this more and provide a response.

Thanks.

> > 2) In the IANA Considerations:
> >
> > The PEN 0 (IETF) PT-TLS Message Type values between 9 and 2^32-2
> > inclusive are allocated for future assignment by the IANA.  The value
> > 2^32-1 is permanently reserved and is not to be allocated.
> >
> > Whom does the last sentence apply to? This registry? Or the IANA PEN
> > registry being documented by draft-liang-iana-pen?
> [PS:] I'm assuming your asking about the text at the bottom of section 6.2. Registry for PT-TLS Message Types immediately below the table that defines registry values 0 thru 8 for PEN=0.  It refers to this specific registry not the PEN registry.
Please make this clear in your document. If you want to reserve the 
value 2^32-1 in the PEN registry, then you need to make this clear in 
your document as well.