Alvaro: You are right. I will remove it in the next revision. Sue
Sent via the Samsung Galaxy Note5, an AT&T 4G LTE smartphone -------- Original message --------From: "Alvaro Retana (aretana)" <[email protected]> Date: 8/17/16 11:12 PM (GMT-05:00) To: Susan Hares <[email protected]>, 'The IESG' <[email protected]> Cc: 'Jeffrey Haas' <[email protected]>, [email protected], [email protected], [email protected] Subject: Re: Alvaro Retana's No Objection on draft-ietf-i2rs-protocol-security-requirements-07: (with COMMENT) On 8/17/16, 10:03 PM, "iesg on behalf of Susan Hares" <[email protected] on behalf of [email protected]> wrote: Hi! >How about the following for the introduction to section 3: > >The security for the I2RS protocol requires mutually authenticated I2RS >clients >and I2RS agents. The I2RS client and I2RS agent using the I2RS protocol >MUST >be able to exchange >data over a secure transport. Optionally, the I2RS Client and I2RS agent >MAY operate >on a non-secure transport to transfer a specific set of non-confidential >data > >I think this matches SEC-REQ-08 It does. Now that the text is in sync, it makes me wonder why it needs to be mentioned twice (and not just in the requirements section). ... > >For SEC-REQ-05, I re-read it now and it is redundant. I changed to: > >SEC-REQ-05: Identifier distribution and the loading of these identifiers >into I2RS agent > and I2RS Client SHOULD occur outside the I2RS protocol prior to the > I2RS protocol establishing a connection between I2RS client and I2RS >agent. > > (One mechanism such mechanism is AAA protocols.) > >What do you think? Looks good to me. Thanks! Alvaro.
_______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
