Deb, Thank you for catching the typo.
Would the following sentence of Section 7 address your comment? “A full security evaluation will be needed before [MULTI-SEG-SDWAN] and [SDWAN-EDGE-DISCOVERY] can be recommended as a solution to some problems described in this document.” We are in the process of revising the SDWAN-EDGE-DISCOVERY draft based on the IETF119 discussion. Will update later this month. Linda From: Deb Cooley <[email protected]> Sent: Thursday, April 11, 2024 5:45 PM To: Linda Dunbar <[email protected]> Cc: [email protected]; [email protected]; [email protected] Subject: Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36 Remaining comment and one nit: Section 5.1, paragraph 3: The draft referenced here is expired and the security of the methods would have to be reviewed. (that is listed in Section 7) The expired draft has been replaced with another draft. The security of the methods would have to be reviewed. Please list that in Section 7. Section 7, second to last bullet: typo: There is a single quotation mark at the end of the paragraph. Deb On Thu, Apr 11, 2024 at 6:08 PM Linda Dunbar <[email protected]<mailto:[email protected]>> wrote: Deb, Thank you. The -38 has been uploaded. https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/ Linda From: Deb Cooley <[email protected]<mailto:[email protected]>> Sent: Thursday, April 11, 2024 5:53 AM To: Linda Dunbar <[email protected]<mailto:[email protected]>> Cc: [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]> Subject: Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36 perfect, I'll take a look at -38 when it gets published. Deb On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <[email protected]<mailto:[email protected]>> wrote: Deb, Thank you very much for the additional comments and the suggested wording. They are reflected in the revision -38. Linda -----Original Message----- From: Deb Cooley <[email protected]<mailto:[email protected]>> Sent: Monday, March 18, 2024 8:24 AM To: Linda Dunbar <[email protected]<mailto:[email protected]>> Cc: [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]> Subject: Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36 Here is my review update for draft-ietf-rtgwg-net2cloud-problem-statement-37: I will update my review in the datatracker. original comments (in black), updates (in blue) 1. Section 5.1, paragraph 2: Certainly the principles and assumptions of RFC 4535* would apply to any group key management situation (note the word change from 'group encryption' to 'group key management'). The specific protocol addressed by that RFC isn't being used here (even though they mention ISAKMP). How about something like this: "The group key management protocol documented in [RFC4535] outlines the relevant security risks for any group key management system in Section 3 (Security Considerations). While this particular protocol isn't being suggested, the drawbacks and risks of group key management are still relevant." done. [Linda] Thank you for the suggestion. They are changed in -38. 2. Section 5.1, paragraph 3: The draft referenced here is expired and the security of the methods would have to be reviewed. (that is listed in Section 7) The expired draft has been replaced with another draft. The security of the methods would have to be reviewed. Please list that in Section 7. [Linda] The referenced draft has been uploaded. 3. Section 5.2: The draft referenced in this section is (currently) an individual draft, and again the security of the methods would have to be reviewed. (I see that WG adoption has been requested, and the draft is listed in Section 7). This is just a note to the WG - no action required as long as the WG agrees. [Linda] the WG chair said they will start the WG adoption soon.
_______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
