On 4/26/17 11:34 AM, Kathleen Moriarty wrote:
Since the following text int he Security Considerations section is a recommendation, IMO it would be better to drop "or otherwise obfuscated" from the sentence as encrypting the keys really should be the recommendation. Can we make this update?It is RECOMMENDED that keys be encrypted or otherwise obfuscated when stored internally on a network device supporting this specification. If obfuscation is what happens more often in practice, maybe mention this as a fallback from the recommendation, but not make them sound equivalent?
To be clear -- the current guidance from the security area is to perform this kind of encryption, where you have encrypted material living side-by-side with the key necessary to decrypt it?
/a _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
