A few comments on the draft below.
--aaron
----
Introduction (sec 1):
* I think it’s missing a statement describing why you chose this set
of protocols. You point out why you don’t include auth-only protocols
but why (only) these? Are you including all of the IETF transport
security protocols? If not, why not? For the non-IETF protocols, why
these? The intro to Sec 3 says they are “security protocols that are
currently used to protect data”.
Terminology (sec 2):
* Is ‘network security layer’ a well-defined term? Does it mean
something like “a security service provided by the network layer to
the transport layer”? Maybe worth including a definition.
* Can security features exist above the transport layer?
gQUIC (sec 3.4):
* RFCs take a long time to publish and live forever. Given that, does
documenting gQUIC make sense in that context? Do you expect it to be
around for a long time? Are there functional differences from QUIC w/
TLS that distinguish it?
MinimaLT (sec 3.5):
* I confess I’ve never heard of it. The draft doesn’t include a
citation. Is there no RFC? Seems odd to me that it is “built on top
of a widespread directory service” but the directory service isn’t
identified.
_______________________________________________
Taps mailing list
https://www.ietf.org/mailman/listinfo/taps