Re: [Last-Call] [Iot-directorate] Iotdir telechat review of draft-ietf-taps-transport-security-11

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Mohit,

Thanks for the review! You can find an updated version of the document here:


Regarding the title, we believe that the current version is correct, since "Transport Services” itself is about the interaction between apps and transport protocols; thus by adding security to the mix, we are still referring to the interface to applications. More importantly, the authors believe that the first sentence of the abstract does indicate this clearly:

"This document provides a survey of commonly used or notable network security protocols, with a focus on how they interact and integrate with applications and transport protocols.”

We did incorporate the editorial points you brought up. Thanks for pointing those out!

Thanks,
Tommy

On Apr 2, 2020, at 5:03 AM, Eric Vyncke (evyncke) <evyncke=40cisco.com@xxxxxxxxxxxxxx> wrote:

Thank you Mohit for the review.

I will take it into account for my ballot position.

Regards

-éric

-----Original Message-----
From: Iot-directorate <iot-directorate-bounces@xxxxxxxx> on behalf of Mohit Sethi via Datatracker <noreply@xxxxxxxx>
Reply-To: Mohit Sethi <mohit.m.sethi@xxxxxxxxxxxx>
Date: Wednesday, 1 April 2020 at 12:45
To: "iot-directorate@xxxxxxxx" <iot-directorate@xxxxxxxx>
Cc: "last-call@xxxxxxxx" <last-call@xxxxxxxx>, "draft-ietf-taps-transport-security.all@xxxxxxxx" <draft-ietf-taps-transport-security.all@xxxxxxxx>, "taps@xxxxxxxx" <taps@xxxxxxxx>
Subject: [Iot-directorate] Iotdir telechat review of draft-ietf-taps-transport-security-11

   Reviewer: Mohit Sethi
   Review result: Ready with Nits

   This document provides a summary of common security protocols. It then
   discusses the interfaces that exist between applications and security protocols
   as well as security protocols and transport services.

   Major issues: The document header says that this document is about interfaces
   between security protocols and transport services. Yet, later on, I find that
   the document is also discussing the interfaces between security protocols and
   applications. Perhaps you could add 'applications' to the title -> 'Interaction
   Between Applications, Security Protocols, and Transport Services'

   Editorial issues:
   - Instead of saying 'This protocol obsoletes TCP MD5 "signature" options', can
   we say 'TCP-AO obsoletes....' to avoid confusion of what is 'this' - Please
   expand 'and IPsec AH [RFC4302]' -> IP Authentication Header - Are you talking
   about cryptographic agility here 'security protocols: confidentiality, privacy
   protections, and agility.' ? - Consider changing 'interface surface exposed '->
   interface exposed by'. Otherwise it sounds too similar to attack surface
   exposed. - Expand EAP and reference RFC3748. - Perhaps you could say that
   Source Address Validation (SAV) to prevent DoS is relevant for protocols that
   use unreliable transport?


   --
   Iot-directorate mailing list
   Iot-directorate@xxxxxxxx
   https://www.ietf.org/mailman/listinfo/iot-directorate


--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux