On 4/24/17, 5:28 PM, "Acee Lindem (acee)" <[email protected]> wrote:
>Hi Warren, > >See inline. > > >On 4/24/17, 5:02 PM, "Warren Kumari" <[email protected]> wrote: > >>Warren Kumari has entered the following ballot position for >>draft-ietf-rtgwg-yang-key-chain-20: No Objection >> >>When responding, please keep the subject line intact and reply to all >>email addresses included in the To and CC lines. (Feel free to cut this >>introductory paragraph, however.) >> >> >>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >>for more information about IESG DISCUSS and COMMENT positions. >> >> >>The document, along with other ballot positions, can be found here: >>https://datatracker.ietf.org/doc/draft-ietf-rtgwg-yang-key-chain/ >> >> >> >>---------------------------------------------------------------------- >>COMMENT: >>---------------------------------------------------------------------- >> >> >>I had a few minor comments, mainly on the explanatory text -- I'm not a >>YANG expert (that's Benoit's job :-)): >> >>1: "A key chain can be used by any service or application requiring >>authentication or encryption." - from my reading, this only symmetric >>keys; should this be "A key chain can be used by any service or >>application requiring authentication or encryption using symmetric keys"? > >Yes - I believe I added “symmetric” in one other place and would be fine >with adding it here as well. >> >> >>2: "They are also used to support of security requirements (e.g., TCP-AO >>Algorithms [TCP-AO-ALGORITHMS]) not implemented by vendors or only a >>single vendor." -- if it is not implemented, why put a key string on a >>device? Perhaps this was intended to be "not **yet** implemented..." ? > >Vendors supporting TCP based protocols, most notably TCP, currently >support other less-secure algorithms. It is the goal to support TCP-AO in >the model so that a revision is not required to roll out TCP-AO. I mean, “most notably BGP”… > >Thanks, >Acee >> >> > _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
