[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [iesg-secretary #5788] FW: draft-ietf-forces-requirements-08
Your request #5788 was resolved by jhargest:
IESG: FYI
>>>>>>>>>>>>>>>>>> Original Message >>>>>>>>>>>>>>>>>>
>From: Alex Zinin <zinin@psg.com>
>To: "Putzolu, David" <david.putzolu@intel.com>
>Subject: Re: FW: draft-ietf-forces-requirements-08
Guys-
I'm still waiting for a reply from Randy, but I don't want
to hold you more. Scott is fine with the doc (in fact he
was fine with my answers), and here's the feedback from
the SEC AD:
> Back on 26 November (Randy, maybe that will help you locate your
> comment), I said
>
>
> 7(2)(c) suggests TLS as an option. But 7(6) says that the protocol
> runs on top of an unreliable datagram protocol. TLS requires a
> reliable stream. This contradiction should be resolved.
>
> Their response was to change "TLS" to "TLS (if transport is reliable)".
> They left alone the text that says "the ForCES protocol SHALL assume that
> it runs on top of an unreliable, datagram service." To me, that still
> looks like a contradiction.
>
> The right answer is either to use their own security mechanism, but
> then they'd need seriously-expert help from the security area to design
> it, or to use IPsec. *But* -- while a requirements document doesn't
> need to specify all the things that draft-bellovin-useipsec calls for,
> they need to show some signs of having thought through the
> requirements. For example -- an IKE exchange is a half-dozen messages,
> plus some expensive calculations. Is the link good enough for that?
> Does the box have the horsepower to do the exponentiations? Instead,
> do they need something like KINK or SNMPv3-style key management? These
> really are requirements-level questions, since the answers turn on the
> operating environment they're assuming.
Please let me know what you think about this.
Thanks.
--
Alex
Monday, February 10, 2003, 10:13:43 AM, Putzolu, David wrote:
> Hi Alex.
> The ForCES requirements design team has updated the ForCES requirements
> in response to the IESG feedback received. If you could please review it
> and/or have the IESG review it for RFC publication, it would be much
> appreciated.
> "Tag, you are it!" :)
> -David
>> -----Original Message-----
>> From: Khosravi, Hormuzd M
>> Sent: Sunday, February 09, 2003 11:08 PM
>> To: 'internet-drafts@ietf.org'
>> Cc: Putzolu, David; 'dro@zurich.ibm.com'; 'Alex Zinin'; 'Bill Fenner
>> (fenner@research.att.com)'
>> Subject: draft-ietf-forces-requirements-08
>>
>> Hi
>>
>> I would like to submit the latest version of this ForCES WG draft.
>> It incorporates changes to address the feedback received from the IESG.
>>
>> Thanks
>> Hormuzd
>>
>> <<draft-ietf-forces-requirements-08.txt>>