Hi all, The work on p2p security requirement/analysis has been going for some time and there were objections from the group to have a security requirement document but the feedback we got was that some sort of tutorial and analysis may be a good idea. As a results the authors changed the text taking out any normative text and making it more a tutorial and analysis document in http://tools.ietf.org/id/draft-matuszewski-p2psip-security-overview-01.txt . The document was presented at the last IETF meeting and the comments from the floor was that people do not understand what is the purpose of this work and therefore cannot agree if it should be taken by the working group. Another input was that p2prg has produce a general security document in http://tools.ietf.org/html/draft-irtf-p2prg-rtc-security-05 .
In order to decide if and how to go forward we propose that the document taking under consideration the p2prg document will describe the specific security threats in P2PSIP and will provide analysis of the security risks in each of the P2PSIP layers. The purpose of the document will be to provide some hints about what to look at when developing new options or usages for P2PSIP or when looking at deploying p2psip solutions . Please think about it and provide feedback if you think this may be a good way to continue with this work. Thanks Haibin _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
