
RE: AD review of draft-ietf-radext-crypto-agility-requirements-06.txt



 

 

Hi,

See inline.


Thanks and Regards,

Dan

From: Bernard Aboba [mailto:bernard_aboba@hotmail.com]
Sent: Tuesday, May 31, 2011 8:48 PM
To: Romascanu, Dan (Dan); radiusext@ops.ietf.org
Subject: RE: AD review of draft-ietf-radext-crypto-agility-requirements-06.txt

 


> T1. I am a little concerned by the fact that the second paragraph of
> section 1.2 speaks in terms of 'compliance', 'unconditional compliance'
> and 'conditional compliance' with 'this specification' which is actually
> an Informational document. Is this really needed? We tend to avoid such
> strict language in IETF documents.

[BA] This language appears to be boilerplate in AAA requirements RFCs and BCPs (see RFC 2989 Section 1.1, RFC 4962 Section 1.1, etc.)

[[DR]] OK.


 
> T3. Also in section 4.2 I see the following:
>
> In addition to the goals referred to above, [RFC4962] Section 2
> describes additional security requirements, which translate into the
> following requirements for RADIUS crypto-agility solutions:
>
> It may be my understanding but I could not find in section 2 of
> [RFC4962] the requirements that translate into 'strong, fresh, session
> key' and 'Limit key scope'. Can you explain to me what I am missing?

[BA] Looks like a typo -- should this refer to Section 3?

[[DR]] Yes – please correct.