perfect, I'll take a look at -38 when it gets published. Deb
On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <[email protected]> wrote: > Deb, > > Thank you very much for the additional comments and the suggested wording. > They are reflected in the revision -38. > > Linda > > -----Original Message----- > From: Deb Cooley <[email protected]> > Sent: Monday, March 18, 2024 8:24 AM > To: Linda Dunbar <[email protected]> > Cc: [email protected]; > [email protected]; [email protected] > Subject: Re: Secdir last call review of > draft-ietf-rtgwg-net2cloud-problem-statement-36 > > Here is my review update for > draft-ietf-rtgwg-net2cloud-problem-statement-37: > > I will update my review in the datatracker. > > original comments (in black), updates (in blue) > > 1. Section 5.1, paragraph 2: Certainly the principles and assumptions of > RFC 4535* would apply to any group key management situation (note the word > change from 'group encryption' to 'group key management'). The specific > protocol addressed by that RFC isn't being used here (even though they > mention ISAKMP). How about something like this: > > "The group key management protocol documented in [RFC4535] outlines the > relevant security risks for any group key management system in Section 3 > (Security Considerations). While this particular protocol isn't being > suggested, the drawbacks and risks of group key management are still > relevant." > > done. > [Linda] Thank you for the suggestion. They are changed in -38. > > 2. Section 5.1, paragraph 3: The draft referenced here is expired and > the security of the methods would have to be reviewed. (that is listed in > Section 7) > > The expired draft has been replaced with another draft. The security of > the methods would have to be reviewed. Please list that in Section 7. > [Linda] The referenced draft has been uploaded. > > 3. Section 5.2: The draft referenced in this section is (currently) an > individual draft, and again the security of the methods would have to be > reviewed. (I see that WG adoption has been requested, and the draft is > listed in Section 7). > > This is just a note to the WG - no action required as long as the WG > agrees. > [Linda] the WG chair said they will start the WG adoption soon. > >
_______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
