[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

evaluation: draft-ietf-dhc-isnsoption

To: iesg-secretary@ietf.org
Subject: evaluation: draft-ietf-dhc-isnsoption
From: Steve Bellovin <smb@research.att.com>
Date: Wed, 01 Oct 2003 23:46:46 -0400
Cc: iesg@ietf.org

I have a hard time convincing myself that my objections have been 
resolved.  I still don't know what is mandatory-to-implement.  The 
document says, in effect, "verify the response or don't use this 
option, but you can try to use 3118 or you can try to use IPsec or 
iSNS".  How about this?

	A conforming implementation MUST support RFC 3118.  IPsec
	or iSNS authentication blocks SHOULD be supported [or MUST],
	and MAY be used for authentication if preconfigured that
	way by both parties.

I'm willing to be convinced otherwise, but for now leave me as a 
DISCUSS.  (Do other people read that section differently than me?)


		--Steve Bellovin, http://www.research.att.com/~smb

Prev by Date: Re: evaluation: draft-ietf-dnsext-keyrr-key-signing-flag
Next by Date: telechat
Previous by thread: Last Call Expired: <draft-ietf-secsh-auth-kbdinteract>
Next by thread: evaluation: draft-ietf-ipsec-rfc2402bis-05.txt
Index(es):
- Date
- Thread