Peter,
peter van der Stok <[email protected]> writes:
> After reading Jim's statement, my position is a bit different.
> Multicast security is severely needed.
> Not making it a WG document augments the risk that the subject is
> frozen and no progress is made.
> To guarantee progress, adoption seems to me the right way forward.
Can you please define what you mean by "Multicast Security"? Are you
just looking for Group Confidentiality? Do you want Group Message
Integrity without Source Authentication? Do you want Source
Authentication? "multicast security" is too generic a term by itself
and as others have pointed out depending on which specific security
services you're talking about you will get a multitude of (potentially
conflicting) requirements. For example, you cannot get source
authentication with a shared-key-only solution.
I recommend that, before adoption, an explicit set of requirements be
defined and inserted into the scope.
> Peter
>
> Jim Schaad schreef op 2017-03-07 02:55:
>> After thinking about this for a long time, I will reluctantly state a
>> position.
>>
>> I do not believe that the WG should adopt this document at least until
>> such a time as a version has been released which does a substantially
>> better job of restricting the scope of the problem to be solved. If
>> the WG then decides to relax that scope so be it.
>>
>> Jim
-derek
--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
