Hi, folks. I had no comments on the UDP draft or the main protocol draft so I have forwarded them to IETF last call.

I do have some concerns with the TLS draft.

First, I think the idea of generic certificates will not meet with consensus of the security community. It may be OK to use the same Subject name for all cable modems from a given vendor, but reuse of private keys is not something we should recommend in an IETF standard.

In general, preferring dnsname subjectAlternativeName to CN in the subject field seems preferable. Why does this specification use cn rather than either always using dnsname or using a procedure similar to that in RFC 2818?

The text seems confused about what authentication is required when. Section 5.1 implies that authentication of receivers is optional but the text requires it. Are senders and relays required to have a certificate and to use that certificate?

--Sam
