On Mon, Apr 24, 2017 at 5:29 PM, Acee Lindem (acee) <[email protected]> wrote:
>
>
> On 4/24/17, 5:28 PM, "Acee Lindem (acee)" <[email protected]> wrote:
>
>>Hi Warren,
>>
>>See inline.
>>
>>
>>On 4/24/17, 5:02 PM, "Warren Kumari" <[email protected]> wrote:
>>
>>>Warren Kumari has entered the following ballot position for
>>>draft-ietf-rtgwg-yang-key-chain-20: No Objection
>>>
>>>When responding, please keep the subject line intact and reply to all
>>>email addresses included in the To and CC lines. (Feel free to cut this
>>>introductory paragraph, however.)
>>>
>>>
>>>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>>>for more information about IESG DISCUSS and COMMENT positions.
>>>
>>>
>>>The document, along with other ballot positions, can be found here:
>>>https://datatracker.ietf.org/doc/draft-ietf-rtgwg-yang-key-chain/
>>>
>>>
>>>
>>>----------------------------------------------------------------------
>>>COMMENT:
>>>----------------------------------------------------------------------
>>>
>>>
>>>I had a few minor comments, mainly on the explanatory text -- I'm not a
>>>YANG expert (that's Benoit's job :-)):
>>>
>>>1: "A key chain can be used by any service or application requiring
>>>authentication or encryption." - from my reading, this only symmetric
>>>keys; should this be "A key chain can be used by any service or
>>>application requiring authentication or encryption using symmetric keys"?
>>
>>Yes - I believe I added “symmetric” in one other place and would be fine
>>with adding it here as well.
>>>
>>>
>>>2: "They are also used to support of security requirements (e.g., TCP-AO
>>>Algorithms [TCP-AO-ALGORITHMS]) not implemented by vendors or only a
>>>single vendor." -- if it is not implemented, why put a key string on a
>>>device? Perhaps this was intended to be "not **yet** implemented..." ?
>>
>>Vendors supporting TCP based protocols, most notably TCP, currently
>>support other less-secure algorithms. It is the goal to support TCP-AO in
>>the model so that a revision is not required to roll out TCP-AO.

Yeah, cool, fully agree -- but I still think having the "yet" in there
would make it clearer (e.g: "They are also used to support of security
requirements (e.g., TCP-AO Algorithms [TCP-AO-ALGORITHMS]) not yet
implemented by vendors or only implemented by a single vendor.")

But, 'tis just a comment...

Oh, I just noticed: "used to support of security requirements" --
perhaps "used in support of" or "use to support security..."?

W

>
> I mean, “most notably BGP”…
>>
>>Thanks,
>>Acee
>>>
>>>
>>
>

--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

_______________________________________________
rtgwg mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/rtgwg
