Hi Pete,
Thanks for your review!
I am unclear what you mean by: "Somewhere explain what the CVE numbers
are". We have included a CVE number for those attacks that have such an
identified vulnerability record. Do you simply want a generic
explanation of what "CVE" means?
Thanks,
Yaron
On 09/28/2014 04:29 PM, Pete Resnick wrote:
Folks,
I've completed my review of draft-ietf-uta-tls-attacks-03. Fine work;
it's ready to go to Last Call. Just a few nits, which I'm fine leaving
until after Last Call:
Section 1: s/motivated/was one of the motivations for/
Section 2: Somewhere explain what the CVE numbers are.
Section 2.8: s/to define/the definition of/
Section 2.13: s/the integration of/when integrating into/
That said, a question, probably mostly for the chairs, but others can of
course speak up if they have something to add: It seems to me that this
document could probably wait until the BCP is also ready for Last Call
because it might be good to review both documents together. Do you
really want me to Last Call it now (and put a stake in the ground that
you've gotten it done), or do you want me to hold off for a bit? I'm
happy to proceed either way.
pr
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
