Remaining comment and one nit: Section 5.1, paragraph 3: The draft referenced here is expired and the security of the methods would have to be reviewed. (that is listed in Section 7)
The expired draft has been replaced with another draft. The security of the methods would have to be reviewed. Please list that in Section 7. Section 7, second to last bullet: typo: There is a single quotation mark at the end of the paragraph. Deb On Thu, Apr 11, 2024 at 6:08 PM Linda Dunbar <[email protected]> wrote: > Deb, > > > > Thank you. The -38 has been uploaded. > > > https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/ > > > > Linda > > > > *From:* Deb Cooley <[email protected]> > *Sent:* Thursday, April 11, 2024 5:53 AM > *To:* Linda Dunbar <[email protected]> > *Cc:* [email protected]; > [email protected]; [email protected] > *Subject:* Re: Secdir last call review of > draft-ietf-rtgwg-net2cloud-problem-statement-36 > > > > perfect, I'll take a look at -38 when it gets published. > > > > Deb > > > > On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <[email protected]> > wrote: > > Deb, > > > > Thank you very much for the additional comments and the suggested wording. > > They are reflected in the revision -38. > > > > Linda > > > > -----Original Message----- > From: Deb Cooley <[email protected]> > Sent: Monday, March 18, 2024 8:24 AM > To: Linda Dunbar <[email protected]> > Cc: [email protected]; > [email protected]; [email protected] > Subject: Re: Secdir last call review of > draft-ietf-rtgwg-net2cloud-problem-statement-36 > > > > Here is my review update for > > draft-ietf-rtgwg-net2cloud-problem-statement-37: > > > > I will update my review in the datatracker. > > > > original comments (in black), updates (in blue) > > > > 1. Section 5.1, paragraph 2: Certainly the principles and assumptions of > RFC 4535* would apply to any group key management situation (note the word > change from 'group encryption' to 'group key management'). The specific > protocol addressed by that RFC isn't being used here (even though they > mention ISAKMP). How about something like this: > > > > "The group key management protocol documented in [RFC4535] outlines the > relevant security risks for any group key management system in Section 3 > (Security Considerations). While this particular protocol isn't being > suggested, the drawbacks and risks of group key management are still > relevant." > > > > done. > > [Linda] Thank you for the suggestion. They are changed in -38. > > > > 2. Section 5.1, paragraph 3: The draft referenced here is expired and > the security of the methods would have to be reviewed. (that is listed in > Section 7) > > > > The expired draft has been replaced with another draft. The security of > the methods would have to be reviewed. Please list that in Section 7. > > [Linda] The referenced draft has been uploaded. > > > > 3. Section 5.2: The draft referenced in this section is (currently) an > individual draft, and again the security of the methods would have to be > reviewed. (I see that WG adoption has been requested, and the draft is > listed in Section 7). > > > > This is just a note to the WG - no action required as long as the WG > agrees. > > [Linda] the WG chair said they will start the WG adoption soon. > > > >
_______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
