On 03/06/2013 02:32 PM, Scharf, Michael (Michael) wrote:
Having said this, I could imagine that a "MUST" for TLS for
the ALTO
base protocol spec could avoid IESG pushback from the security
area. If so, I think a statement similar to IPFIX would be
useful.
This isn't a topic to avoid IESG pushback, it is rather a topic of
having a protocol that allows secured deployments across an
untrusted network. And it should be up to the operator of the
server to decide how much security is needed.
This is currently reflected in the draft (-14).
For what it is worth, the exact phrasing in -14 confuses me: "An ALTO
Server MUST support SSL/TLS [RFC5246] to implement server and/or
client authentication, encryption, and/or integrity protection." I
could read this in a way that the ALTO server MUST announce all
services on HTTPS URIs, and this is certainly not what we want. (And,
having "and/or" in a MUST statement might not be perfect.)
If the consensus is the MUST, I'd at least prefer Sebastian's
wording: "Any ALTO implementation MUST support SSL/TLS [RFC5246]".
Sebastian's proposal is better, indeed.
That's by the way the same proposal I have asked Wendy at some point,
but didn't get response ;)
Martin
--
[email protected]
NEC Laboratories Europe
NEC Europe Limited
Registered Office:
Athene, Odyssey Business Park, West End Road, London, HA4 6QE, GB
Registered in England 2832014
_______________________________________________
alto mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/alto
