Re: [Gen-art] RE: Gen-Art Review: draft-ietf-msec-newtype-keyid-01.txt

Brian E Carpenter <brc@zurich.ibm.com> Tue, 14 February 2006 10:36 UTC

To: "Karl Norrman (KI/EAB)" <karl.norrman@ericsson.com>
Cc: Russ Housely <housley@vigilsec.com>, gen-art@alvestrand.no, "Vesa Lehtovirta (JO/LMF)" <vesa.lehtovirta@ericsson.com>

I'm a bit confused. The version on the IESG agenda this week is -03,
but you attached -04 on January 27. Which should we be looking at?

    Brian

Karl Norrman (KI/EAB) wrote:
> Hello!
> 
> Thank you very much for your review.
> Please see the attached updated draft and inline.
> 
> [SNIP]
> 
> 
>>Summary:
>>[I understand from Lakshminath Dondeti that this draft may be 
>>withdrawn, but FWIW, here is my review.] This document has 
>>some minor issues with the IANA considerations and needs some 
>>editorial tidying up.
>>
>>The 'empty map' option worries me, but I am not sufficiently 
>>much of a security expert to determine if this is justified.  
>>If this is cleared the draft could go forward (but it sounds 
>>like there will be another revision pass to go through).
>>
>>Detailed Review:
>>
>>Issues:
>>I am not sure that I fully understand what is going on in the 
>>justification of the need for an empty map (last para of s2).  
>>'... required parameters are signalled in-band.' => in what protocol?
>>I think a slightly less opaque explanation would help here.
> 
> 
> An example is now given (the OMA DRM Content Format used for download).
> 
> 
>>Associated with this there should be an explicit statement in 
>>s4 that no equivalent of SRTP_ID would be needed in this case.
> 
> 
> Such a statement is now added (Please note that there is a new Section 3,
> so this text is now in Section 5).
> 
> 
>>IANA considerations:
>>This section should refer to the IANA process setup in 
>>RFC3380 for the payload type and the CS ID map type.
>>It needs to define a new process for the Key ID Type registry.
> 
> 
> A process is now set up in the IANA considerations section.
> 
> 
>>Security Considerations:
>>Are those that understand these things absolutely convinced 
>>that creating keys without attaching them to an SA in the 
>>process does not create some sort of opportunity to create mayhem?
> 
> 
> The security considerations section is now expanded.
> 
> 
>>Editorial Nits
>>
>>You should run idnits: there are non-ASCII characters in the 
>>document, e.g. bullet point marks in s2.
> 
> 
> This version passed idnits.
> 
> Thanks and regards,
> Karl
> 
> 
>>s1: 3rd para: s/possibility/ability/
>>s1: 3rd para: (I take it that we are trying to make it easier 
>>rather than more difficult) s/should be/would be/
>>s1: 4th para: s/involved/keys/keys involved/
>>s2: 1st para: s/the MBMS/MBMS/
>>s2: 2nd para: s/athree level/three level/
>>s2 10th para: s/involved keys in the/keys being carried in a/
>>s3: Tables and figures should have captions
>>s3: s/bytes/octets/ (2 places)
>>s3: last para: Actually I think (2^16 -1), but I hope I never 
>>have that many keys ;-)
>>s5: s/This memo is not foreseen to introduce security 
>>implications./It is not anticipated that this memo will 
>>have any additional security implications beyond those 
>>already identified for the MIKEY protocol./
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Gen-art mailing list
> Gen-art@ietf.org
> https://www1.ietf.org/mailman/listinfo/gen-art

