[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Comment: draft-ietf-sigtran-signalling-over-sctp-applic-09

To: iesg@ietf.org
Subject: Comment: draft-ietf-sigtran-signalling-over-sctp-applic-09
From: Russ Housley <housley@vigilsec.com>
Date: Wed, 29 Oct 2003 10:05:16 -0500
Cc: iesg-secretary@ietf.org

draft-ietf-sigtran-signalling-over-sctp-applic-09.txt Telephony Signalling Transport over SCTP applicability statement (Informational)

I have another comment. This is in addition to the one I sent yesterday, not a replacement.


  The security considerations section of
  draft-ietf-sigtran-signalling-over-sctp-applic-09 says:

     UALs are designated to carry signalling messages for telephony
     services. As such, UALs must involve the security needs of several
     parties: the end users of the services; the network providers and
     the applications involved.  Additional requirements may come from
     local regulation.  While having some overlapping security needs, any
     security solution should fulfill all of the different parties'
     needs. See specific Security considerations in each UAL technical
     specification for details.

  The draft-ietf-sigtran-v5ua document is a UAL technical specification,
  and the security considerations section points to a third document,
  which is a normative reference.  Can't we eliminate the additional
  level of indirection?  I expected the UAL specification to address
  protocol specific concerns, but it looks like the working group wants
  to put it all in one place.  Since I have not looked at this document
  yet, I will reserve judgement about the soundness of this approach.

Prev by Date: Evaluation: draft-ietf-vrrp-spec-v2-09
Next by Date: FW: WG Chairs Training in Minneapolis
Previous by thread: Comment: draft-ietf-sigtran-signalling-over-sctp-applic-09
Next by thread: Evaluation: draft-ietf-ipr-submission-rights
Index(es):
- Date
- Thread