I am quite agree with you。take TLS/DTLS mechanism as a optional issue not a mandatory one will be better .Then we can import more appropriate methods for some situations in the future。such as group communications。right?
On 12/11/09 2:05 PM, "Roni Even" <Even.roni at huawei.com> wrote: > Brian, > The issue is not if to have or not to have security. It is what level of > security is satisfactory and there is no one solution fits all, note also > that the p2psip solution should also make it easier to nodes to serve as > peers by not putting too much burden on them. > Deployment of security is motivated by requirements of the specific > deployment and not because of the standard, what will happen is that you > will see no compliance in cases where p2p solution will be deployed but > would prefer different security mechanism. We also need to see that there > may be other p2p overlays and joining policies as well as other usages which > may have different security requirements. > I think that the p2prg draft that outline the security option as well as > having a security analysis for p2psip will be enough. My thought was that > specifying TLS/DTLS was to address interoperability but this can be done by > mandating implementation and not usage. > > Roni Even 2009-12-15 sunchw
_______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
