[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP

To: IESG Secretary <iesg-secretary@ietf.org>
Subject: Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
From: Russ Housley <housley@vigilsec.com>
Date: Wed, 05 Mar 2003 14:53:11 -0500
Cc: Internet Engineering Steering Group <iesg@ietf.org>

I do not get to "vote" yet, but I do have two comments on the Security Considerations section.

1. PGP is mentioned in the 3rd paragraph. S/MIME should also be listed. S/MIME is included in every major mail agent (except the one from Qualcomm). While S/MIME suffers from the lack of ubiquitous certificate enrollment, PGP suffers from the lack of integration into mail stream mail agents. In my opinion, either mention both or neither.

2. At least two more items should be added to the number list of "mistakes." The first is replay detection. The second is the use of confidentiality mechanisms without integrity mechanisms.

Russ

Follow-Ups:
- Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
  - From: Patrik Fältström <paf@cisco.com>

Prev by Date: Re: draft note to IPv6 WG on DNS discovery
Next by Date: NEW INFORMATION about WG/BOF Chairs Training
Previous by thread: Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
Next by thread: Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
Index(es):
- Date
- Thread