Hi Magnus,
Thanks for the feedback! Please see inline below.
On Thu, Sep 26, 2019, at 1:01 AM, Magnus Westerlund wrote:
> 1. Section 4.1: Is there a reason to use TLS 1.2 specification
> (RFC5246) rather than TLS 1.3 as the general reference?
Nope! We'll fix this. It was an oversight.
> 2. Comment on the writeup: Considering that ID nits results in the
> below relevant references warning I would expect some comment in the
> writeup if they are intentional. If not please update the references.
> If they are intentional, please update the writeup to note them.
>
<snip>
Philipp answered these. (Thanks, Philipp!)
> 3. Section 4.1.2: Is there a point to mention that TLS forward secrecy
> are dependent on cipher suit for the key exchange and not ensured prior
> to 1.3?
Are you asking if we *should* mention that? If so, I think not. That's probably
too much detail.
> 4. Section 4.1.2: Second to last paragraph: Broken reference to DTLS
> 1.3 draft: “(Note that this extension is only supported in
>
> DTLS 1.2 and 1.3 {{?I-D.ietf-tls-dtls13}.)”
Oops, good catch. We'll fix this, too.
> 5. Section 4.3.3: “QUIC transport relies on UDP.” Although QUIC is
> targeting UDP as its main deployment vessel, isn’t QUIC in fact
> dependent on a unreliable datagram service. But, maybe writing UDP is
> more straightforward?
Indeed! How about, "QUIC transport assumes an unreliable transport, e.g., UDP"?
> 6. Section 4.5.4: When it comes to variants of
> SRTP. I think referencing RFC 7201 would actually be reasonable, as in
> the many different options hide some transport security options that so
> far is not discussed in this document. Like securing multicasted /
> broadcasted RTP.
I'm not sure those are new security features, though. Colin, what do you think?
> 7. Section 4.5.4: So are ZRTP included as variant
> because it provides new security features? Is that session continuity,
> or something else?
Colin answered this. (Thanks, Colin!)
> 8. Section 11: There are a number of references
> here that I don’t think meets the requirement for references. These are
> the ones that only have a title and n.d. All these could include a URL
> a date when these pages was visited and contained the information you
> want to reference.
We can fix these in the next revision.
Thanks again for the review!
Best,
Chris
_______________________________________________
Taps mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/taps
