Hi Warren, On 4/24/17, 6:06 PM, "Warren Kumari" <[email protected]> wrote:
>On Mon, Apr 24, 2017 at 5:29 PM, Acee Lindem (acee) <[email protected]> >wrote: >> >> >> On 4/24/17, 5:28 PM, "Acee Lindem (acee)" <[email protected]> wrote: >> >>>Hi Warren, >>> >>>See inline. >>> >>> >>>On 4/24/17, 5:02 PM, "Warren Kumari" <[email protected]> wrote: >>> >>>>Warren Kumari has entered the following ballot position for >>>>draft-ietf-rtgwg-yang-key-chain-20: No Objection >>>> >>>>When responding, please keep the subject line intact and reply to all >>>>email addresses included in the To and CC lines. (Feel free to cut this >>>>introductory paragraph, however.) >>>> >>>> >>>>Please refer to >>>>https://www.ietf.org/iesg/statement/discuss-criteria.html >>>>for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>>The document, along with other ballot positions, can be found here: >>>>https://datatracker.ietf.org/doc/draft-ietf-rtgwg-yang-key-chain/ >>>> >>>> >>>> >>>>---------------------------------------------------------------------- >>>>COMMENT: >>>>---------------------------------------------------------------------- >>>> >>>> >>>>I had a few minor comments, mainly on the explanatory text -- I'm not a >>>>YANG expert (that's Benoit's job :-)): >>>> >>>>1: "A key chain can be used by any service or application requiring >>>>authentication or encryption." - from my reading, this only symmetric >>>>keys; should this be "A key chain can be used by any service or >>>>application requiring authentication or encryption using symmetric >>>>keys"? >>> >>>Yes - I believe I added “symmetric” in one other place and would be fine >>>with adding it here as well. >>>> >>>> >>>>2: "They are also used to support of security requirements (e.g., >>>>TCP-AO >>>>Algorithms [TCP-AO-ALGORITHMS]) not implemented by vendors or only a >>>>single vendor." -- if it is not implemented, why put a key string on a >>>>device? Perhaps this was intended to be "not **yet** implemented..." ? >>> >>>Vendors supporting TCP based protocols, most notably TCP, currently >>>support other less-secure algorithms. It is the goal to support TCP-AO >>>in >>>the model so that a revision is not required to roll out TCP-AO. > >Yeah, cool, fully agree -- but I still think having the "yet" in there >would make it clearer (e.g: "They are also used to support of security >requirements (e.g., TCP-AOAlgorithms [TCP-AO-ALGORITHMS]) not yet >implemented by vendors or only implemented by a single vendor.") >But, 'tis just a comment... Oh, I just noticed: "used to support of >security requirements" -- perhaps "used in support of" or "use to >support security..."? I agree and will update the text to add “yet”. As you surmised, I didn’t fully understand the subtlety of your original comment. Will also fix the working problem you just noticed. Thanks, Acee > > >W > >> >> I mean, “most notably BGP”… >>> >>>Thanks, >>>Acee >>>> >>>> >>> >> > > > >-- >I don't think the execution is relevant when it was obviously a bad >idea in the first place. >This is like putting rabid weasels in your pants, and later expressing >regret at having chosen those particular rabid weasels and that pair >of pants. > ---maf _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
