[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

evaluation: draft-ietf-sigtran-security

To: iesg-secretary@ietf.org, iesg@ietf.org
Subject: evaluation: draft-ietf-sigtran-security
From: hardie@qualcomm.com
Date: Tue, 19 Aug 2003 16:52:32 -0700

Please update my evaluation to no-ob, as the details of the
upgrade procedure and the note not to use unordered
delivery have been added.

As a side note, I see they have changed "trusted network
principle" to "closed network principle" in Section 3.  This
certainly displays a fair amount of the cynicism I requested,
but this wasn't exactly what I meant.  I meant that operating
on the "trusted" or "closed" network principle is how the
current telephone network works, but that does not mean
it is a good idea.  There has been lots of work on the vulnerabilities
of those networks, but this draft reports that principle (however
named) with no hint of any problems it might contain.

As I said originally, though, this doesn't change the spec, and delaying
it for this doesn't make much sense.  The authors might want to
talk to Sean Donelan, though, as his experience writing ss7 code and
exploring security vulnerabilities in networks might prove useful
to them.

Prev by Date: draft-kularski-spam-spamreduce-00.txt
Next by Date: last call comments to draft-ietf-ipsec-ciph-aes-ccm-04.txt
Previous by thread: draft-kularski-spam-spamreduce-00.txt
Next by thread: last call comments to draft-ietf-ipsec-ciph-aes-ccm-04.txt
Index(es):
- Date
- Thread