Not a full review yet, but I saw this new text in section 10.3:

"The enrollment server SHOULD maintain a mapping of users to node-ids and if the same user returns (e.g., to have their certificate re-issued) return the same Node-ID, thus avoiding the need for implementations to re-store all their data when their certificates expire."

Even after the sentence is fixed there would still be two issues:

- How does this work if the user requested multiple certificates from the same login?
- How does this work if the number of Node-Ids requested changes?

Also I would like to point out that I proposed a different solution to this problem in this draft:

http://tools.ietf.org/html/draft-petithuguenin-p2psip-reload-bis-00#section-6

My solution does not permit changing the private key without assigning new Node-Ids, but in addition to not having the two problems listed above, it does not require server-side storage.

On 10/29/2011 12:40 PM, [email protected] wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Peer-to-Peer Session Initiation
> Protocol Working Group of the IETF.
>
> Title     : REsource LOcation And Discovery (RELOAD) Base Protocol
> Author(s) : Cullen Jennings
>             Bruce B. Lowekamp
>             Eric Rescorla
>             Salman A. Baset
>             Henning Schulzrinne
> Filename  : draft-ietf-p2psip-base-19.txt
> Pages     : 165
> Date      : 2011-10-29
>
> NOTE: This version addresses some, but not all, of the comments
> received during IESG review. The authors are still working on
> addressing many more of the comments but as the draft deadline for
> IETF 82 arrives, this represents the modification made so far.
>
> This specification defines REsource LOcation And Discovery (RELOAD),
> a peer-to-peer (P2P) signaling protocol for use on the Internet. A
> P2P signaling protocol provides its clients with an abstract storage
> and messaging service between a set of cooperating peers that form
> the overlay network. RELOAD is designed to support a P2P Session
> Initiation Protocol (P2PSIP) network, but can be utilized by other
> applications with similar requirements by defining new usages that
> specify the kinds of data that must be stored for a particular
> application. RELOAD defines a security model based on a certificate
> enrollment service that provides unique identities. NAT traversal is
> a fundamental service of the protocol. RELOAD also allows access
> from "client" nodes that do not need to route traffic or store data
> for others.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-p2psip-base-19.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> This Internet-Draft can be retrieved at:
> ftp://ftp.ietf.org/internet-drafts/draft-ietf-p2psip-base-19.txt

--
Marc Petit-Huguenin
Personal email: [email protected]
Professional email: [email protected]
Blog: http://blog.marc.petit-huguenin.org

_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
