Hi Jon, That looks fine to me. (Note though that now that I've escaped from the IESG, what I think no longer matters:-)
Cheers, S. On 11/04/17 15:35, Jonathan Hardwick wrote: > Hi Stephen > > Many thanks for this comment. I'm picking up this thread and replying as PCE > working group chair, as the authors are unavailable. I apologise for the > delay. > > Please see my proposed resolutions inline below, marked with "Jon>" > > Best regards > Jon > > > -----Original Message----- > From: Stephen Farrell [mailto:[email protected]] > Sent: 16 March 2017 12:48 > To: The IESG <[email protected]> > Cc: [email protected]; Julien Meuric > <[email protected]>; [email protected]; [email protected]; > [email protected] > Subject: Stephen Farrell's No Objection on draft-ietf-pce-stateful-pce-18: > (with COMMENT) > > Stephen Farrell has entered the following ballot position for > draft-ietf-pce-stateful-pce-18: No Objection > > When responding, please keep the subject line intact and reply to all email > addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-pce-stateful-pce/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > In 10.1, some references seem to be needed to say how to do that > authentication and encryption. IIUC, that's a work in progress, or is that > right? If so, when's it likely to be done and usable? > > Jon> You are correct - this is being specified in draft-ietf-pce-pceps. That > document is ready to be submitted to the IESG (we are only waiting for the > IPR poll to conclude) but draft-ietf-pce-stateful-pce is likely to be > published first. > We already discussed how to handle this with > draft-ietf-pce-stateful-sync-optimizations, which was approved for > publication recently. I think that we should handle it in a consistent way > for draft-ietf-pce-stateful-pce. So I propose this change: > > OLD > As a general precaution, it is RECOMMENDED that these PCEP extensions > only be activated on authenticated and encrypted sessions across PCEs > and PCCs belonging to the same administrative authority. > NEW > As a general precaution, it is RECOMMENDED that these PCEP extensions > only be activated on authenticated and encrypted sessions across PCEs > and PCCs belonging to the same administrative authority, using Transport > Layer > Security (TLS) [I-D.ietf-pce-pceps], as per the recommendations and > best current practices in [RFC7525]. An administrator could also expose > the > speaker entity id as part of the certificate, so that the peer's identity > can be verified. > END NEW > >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
