Hello Russ and Adam, On Mon, Jul 13, 2020 at 06:42:09AM -0700, internet-dra...@ietf.org wrote: > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-core-resource-directory/
the newly submitted -25 was uploaded to address the points you've brought up in your respective reviews. Most noteworthy -- especially because it may affect the secdir review -- are the changes to the security policies section that caught Major Concerns around the use of concrete security mechanisms. Discussion during the April interim meeting[1] has shown that the text had caught a drift towards giving concrete and detailled (and in some details wrong) measures without consideration for the bigger picture, which encompasses a variety of applications with a wild variety of assurances they may or may not need from an RD. Consequently, that section that previously stated which parts of the RD are protected now describes aspects that an application should consider when deciding on a particular security model to employ. The remaining changes should be sufficiently described in the changelog and copied below for completeness. Thanks again for your reviews Christian [1]: https://datatracker.ietf.org/doc/minutes-interim-2020-core-02-202004161500/ Remaining change log: * Add concrete suggestions (twice as long as registrant number with retries, or UUIDs without) for random endpoint names * Point out that simple registration can have faked origins, RECOMMEND mitigation when applicable and suggest the Echo mechanism to implement it. * Reference existing and upcoming specifications for DDOS mitigation in CoAP. * Explain the provenance of the example's multicast address. * Make "SHOULD" of not manipulating foreign registrations a "should" and explain how it is enforced * Clarify application of RFC6570 to search parameters * Syntactic fixes in examples * IANA: - Don't announce expected number of registrations (goes to write- up) - Include syntax as part of a field's validity in entry requirements * Editorial changes - Align wording between abstract and introduction - Abbreviation normalization: "ER model", "RD" - RFC8174 boilerplate update - Minor clarity fixes - Markup and layouting -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art