[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Thoughts on Requirements for RADIUS crypto-agility



Avi Lior writes...

> Given the charter and specifically:
> 
> "- No new security mechanisms will be defined for protecting RADIUS."
> 
> Why do you think we can do this work?

Because crypto-agility is not being interpreted as a "new" security
mechanism, but an upgrade to existing ones.

Even if you don't personally accept that interpretation, the Security Area
Directorate has requested that IETF WGs undertake this analysis and provide
corrective action where feasible -- introduce crypto-algorithm negotiation.
Our Area Directors approved adding this work item to our charter.  The
chairs feel that this is sufficient permission to undertake the work.




--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>