RE: One SEC AD's review of draft-ietf-radext-crypto-agility-requirements-01

["Dave Nelson" <d.b.nelson@comcast.net>]

Pasi Eronen writes...

> The outcome I'd really like to avoid is having IESG first approve
> these requirements, and then getting a solution draft that in WG's
> opinion meets the requiremnts, but is very different from how IESG
> understood the requirements. So, the main intent of the remaining
> comments is reducing the likelihood of this happening.

Exactly!

I can propose some text to resolve the editorial issues -- lack of clarity
because of poor wording.  I'll need assistance from the WG in resolving the
substantive issues, such as whether RADIUS should have a true negotiation
mechanism for cipher-suites and whether RADIUS needs forward secrecy or to
be retrofitted with Automated Key Management.

WG members, please comment on the issues that Pasi has raised in his review,
ASAP.  If we get some good discussion going, we could have a -02 version of
the draft prior to IETF 74 (coming up real soon now).


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>