RE: REMINDER: RADEXT WG Last Call on "Crypto-Agility Requirements for RADIUS"

["David B. Nelson" <dnelson@elbrysnetworks.com>]

Joseph Salowey writes...

> 1. Section 4.2:
> 
> In cases where the client needs to protect all or part of the radius
> request the "hint and select" negotiation the client would provide 
> more than a hint when it chooses the algorithms for protection. 
> Perhaps hint and select is not quite the right term, may be specify
> and select?

While adding a more robust form of capabilities negotiation to RADIUS might
be a useful thing, it's not a charted work item.  I think we are stuck with
the current "hint and select" paradigm that is common usage in RADIUS today.

Perhaps I've misunderstood your comment.  Could you give an example?

> 2. Section 4.6:
> 
> Section 4.6 makes reference to security considerations text about key
> management.  Shouldn't this text be in this document?

Yes, I think so.  Would anyone like to propose some text and a citation into
RFC 4017?



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>