Thanks, Markus. Inline.
On Thu, Sep 17, 2015 at 11:53 AM, Markus Stenberg wrote:
> On 16.9.2015, at 22.46, Kathleen Moriarty wrote:
>> I just have one thing I'd like to discuss that should be easy enough to
>> resolve.
>>
>> Section 8 mentions that DTLS or TLS MAY be used and that it is up to the
>> DNCP profile. I'd be interested to see the security considerations that
>> would lead to a recommendation of using session transport for the DNCP
>> profiles. If it is in another RFC, could you add a pointer? If it is
>> not, could this be added to the security considerations section since it
>> could be an important consideration?
>
> Thanks for the comment.
>
> I am actually planning to write one more appendix to the text for -10; it
> will contain datagram(=e.g. UDP) <> stream(=e.g. TCP) pros and cons as I have
> been thinking about it every now and then, and I think it would make the life of
> someone else defining a DNCP-based protocol a bit easier.
>
> From the security standpoint, there isn’t much of a difference, as the
> TLS/DTLS state is more or less the same for both cases. You will anyway need
> either up-to-date sessions (TLS(+DTLS)) and-or long-lived session caching
> (DTLS(+TLS)), as you cannot afford too many new sessions that actually
> involve the authz step per given time interval. So essentially even DTLS is
> a session-based transport in this case from my point of view.
>
> The rest, I will write it tomorrow and you (and Brian H. who also raised
> interest in the different transport options) can check it once we publish -10
> if it matches the requirements; we plan to publish -10 either tomorrow or on
> Monday.
Great, if you could put a couple of lines in the security
considerations section as general guidance, I think that would be very
helpful. I'm taking tomorrow off (and the rest of today), so Monday
is fine for me.
Thanks,
Kathleen
>
>> --
>> COMMENT:
>> --
>>
>> Thanks for your detailed work on this draft to provide all of the
>> security related options in section 8.
>
> Thanks ;) Section 8.3 is actually somewhat novel I think, the others
> (8.1/8.2) are relatively .. mundane.
>
> Cheers,
>
> -Markus
--
Best regards,
Kathleen