> but there are significant benefits to not maintaining your own protocols, and
> significant benefits to getting the extensive review that TLS gets.
I could not agree more with this statement.
Thanks,
--Jack
-Original Message-
From: Michael Richardson
Sent: Saturday, August 10, 201
> I think so; there are some details of resale that BRSKI would like to make
> out-of-scope for the first document. Some way, we have to deal with it, and
> I would actually like feedback from OPC about the parameters of different
> solutions here.
So in this case would the MASA need to be OPC
Hi,
In the context of the L2ACP draft (draft-carpenter-anima-l2acp-scenarios):
It seems that MACsec keying and associations are generally pair-wise, but IEEE
Std 802.1AE-2018 says:
"The guarantees provided by MACsec support the following security services for
stations participating in MACsec:
Agreeing to what Michael and you said, but also wanted to point out
that TLS as defined by IETF is on a trajectory which may or may not be desirable
for e.g.: industrial automation (where OPC is used) or other regulated/
critical environments.
For example the total elimination of any non-encryptio
Jack Visoky wrote:
>> I think so; there are some details of resale that BRSKI would like to
>> make out-of-scope for the first document. Some way, we have to deal
>> with it, and I would actually like feedback from OPC about the
>> parameters of different solutions here.
>
https://tinyurl.com/yylruorn contains a diff against -24.
Benjamin Kaduk via Datatracker wrote:
> Section 5.8.1
doc>A log data file is returned consisting of all log entries associated
doc> with the the device selected by the IDevID presented in the request.
doc> The audit l
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Autonomic Networking Integrated Model and
Approach WG of the IETF.
Title : Bootstrapping Remote Secure Key Infrastructures
(BRSKI)
Authors : Max Pr
WG: there is a chunk of Security Considerations text here that I hope
many will read.
Benjamin Kaduk via Datatracker wrote:
> Section 11.4
> It is not entirely clear to me whether device manufacturers are set up
> with incentives to maintain a well-run secure CA with strong hardw
Benjamin Kaduk via Datatracker wrote:
> Section 13.2
> I think CDDL needs to be a normative reference, as does RFC 7231. RFC
> 2473 is listed but not referenced in the text, as are RFC 2663, RFC
> 7217, and RFC 7575.
CDDL->RFC8610, now normative. (Glad that got published)
RFC24
On Sat, Aug 10, 2019 at 11:23:20AM +1200, Brian E Carpenter wrote:
> Hi Toerless,
>
> If there was only one operating system in the world, I guess we could
> describe this. The challenge I see is that the way to solve this may
> be drastically different in different o/s environments, depending on
Hi Toerless,
Just responding to one of your points, a colleague of mine from Cisco (Nancy
Cam-Winget) and I have created a draft for authentication-only data protection
for TLS 1.3. We've registered the cipher suites and will be going through the
Independent Review for this RFC soon. If you,
Hi Toerless,
Yes, I think your model is correct. Three more comments below, then I will
leave this alone until we revise the draft:
On 13-Aug-19 07:10, Toerless Eckert wrote:
> On Sat, Aug 10, 2019 at 11:23:20AM +1200, Brian E Carpenter wrote:
>> Hi Toerless,
>>
>> If there was only one operating
12 matches
Mail list logo