I had a peek at the diff and it's all good from my POV.
Isn't it amazing how you can look at a document for ages
and ages and not just see stuff like the hkdf thing? I do
it all the time;-(
S.
On 04/12/15 21:53, Markus Stenberg wrote:
>> On 4.12.2015, at 18.51, Stephen Farrell wrote:
>> Thanks for addressing my discuss about the options for
>> using DTLS. Sorry for being slow with this ballot update.
>>
>> The comments below are old, I didn't check if you've
>> made related changes. Happy to chat about that if you
>> want, (or not if you prefer not:-)
>>
>> - I agree with Kathleen's discuss that the implementation
>> requirements for DTLS need to be clarified, hopefully (from my
>> POV) to make that MTI but I'll leave that discussion to the
>> other thread.
>
> We did some text clarification on this I believe in -10.
>
>> -Section 9: You should refer to HKDF and not HMAC-SHA256 though
>> the reference to RFC 6234 is still right. HMAC-SHA256 itself
>> is not a key derivation function, which is what you want here.
>
> Fixed in -10 (really sad failure on my part :-p)
>
>> - Please take a look at the secdir review [1] and respond to
>> that as it raises one issue not (I think) otherwise mentioned.
>> What is the effect (on a home) of one compromised hncp router?
>> Perhaps you'll say that's obvious, or perhaps not, but I'm
>> interested in what you do say, in case it's not obvious:-)
>
> There's text about that in the security considerations, I believe. (Pointer
> in the -09 DISCUSS thread IIRC).
>
> Cheers,
>
> -Markus
> ___
> homenet mailing list
> homenet@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet
>
___
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet