Re: [anonsec] AD review comments on draft-ietf-btns-core

Nicolas Williams <Nicolas.Williams@sun.com> Fri, 04 January 2008 06:01 UTC

Return-path: <anonsec-bounces@postel.org>
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JAfcc-00029X-EC for btns-archive-waDah9Oh@lists.ietf.org; Fri, 04 Jan 2008 01:01:34 -0500
Received: from boreas.isi.edu ([128.9.160.161]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JAfcc-00081E-0z for btns-archive-waDah9Oh@lists.ietf.org; Fri, 04 Jan 2008 01:01:34 -0500
Received: from boreas.isi.edu (localhost [127.0.0.1]) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id m045qMsv021166; Thu, 3 Jan 2008 21:52:22 -0800 (PST)
Received: from brmea-mail-2.sun.com (brmea-mail-2.Sun.COM [192.18.98.43]) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id m045pgYt021033 for <anonsec@postel.org>; Thu, 3 Jan 2008 21:51:43 -0800 (PST)
Received: from dm-central-02.central.sun.com ([129.147.62.5]) by brmea-mail-2.sun.com (8.13.6+Sun/8.12.9) with ESMTP id m045pgMh010659 for <anonsec@postel.org>; Fri, 4 Jan 2008 05:51:42 GMT
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM [129.153.128.104]) by dm-central-02.central.sun.com (8.13.8+Sun/8.13.8/ENSMAIL, v2.2) with ESMTP id m045pgFW053220 for <anonsec@postel.org>; Thu, 3 Jan 2008 22:51:42 -0700 (MST)
Received: from binky.Central.Sun.COM (localhost [127.0.0.1]) by binky.Central.Sun.COM (8.14.1+Sun/8.14.1) with ESMTP id m045pfx1027737; Thu, 3 Jan 2008 23:51:41 -0600 (CST)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.14.1+Sun/8.14.1/Submit) id m045pflb027736; Thu, 3 Jan 2008 23:51:41 -0600 (CST)
X-Authentication-Warning: binky.Central.Sun.COM: nw141292 set sender to Nicolas.Williams@sun.com using -f
Date: Thu, 3 Jan 2008 23:51:41 -0600
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Sam Hartman <hartmans-ietf@mit.edu>
Message-ID: <20080104055141.GK22538@Sun.COM>
Mail-Followup-To: Sam Hartman <hartmans-ietf@mit.edu>, anonsec@postel.org
References: <tsl4pedf718.fsf@mit.edu>
Mime-Version: 1.0
Content-Disposition: inline
In-Reply-To: <tsl4pedf718.fsf@mit.edu>
User-Agent: Mutt/1.5.7i
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: nicolas.williams@sun.com
Cc: anonsec@postel.org
Subject: Re: [anonsec] AD review comments on draft-ietf-btns-core
X-BeenThere: anonsec@postel.org
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: "Discussions of anonymous Internet security." <anonsec.postel.org>
List-Unsubscribe: <http://mailman.postel.org/mailman/listinfo/anonsec>, <mailto:anonsec-request@postel.org?subject=unsubscribe>
List-Archive: <http://mailman.postel.org/pipermail/anonsec>
List-Post: <mailto:anonsec@postel.org>
List-Help: <mailto:anonsec-request@postel.org?subject=help>
List-Subscribe: <http://mailman.postel.org/mailman/listinfo/anonsec>, <mailto:anonsec-request@postel.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: anonsec-bounces@postel.org
Errors-To: anonsec-bounces@postel.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a

On Thu, Dec 20, 2007 at 03:25:07PM -0500, Sam Hartman wrote:
> 
> 
> Hi.  I've sent the core document to last call.  It was not as readable
> as I would like.  If you get a bunch of comments back from people who
> do not understand you probably should take a style and readability
> pass.
> 
> I have two changes I'd like te request as last call comments myself.
> 
> First, when you require bare RSA cert payloads, please reference a
> specific section of the IKE V2 spec for a definition of this.  Also,

OK (RFC4306, section 3.6).

> how can BTNS work with DSA if nodes are required to include RSA
> payloads?

A bare DSA payload would have to be defined.  We could change the
language to require the use of a bare public key payload and point out
that currently there is only a bare RSA key payload.

> Please replace the statement in section 4.2 that leap of faith is
> being handled by BTNS with a statement that it is an item for future
> work.

This is already done in -05.

I'll make the other changes and post -06.
_______________________________________________