Re: [mile] Artart last call review of draft-ietf-mile-rolie-10

Martin Thomson <martin.thomson@gmail.com> Wed, 18 October 2017 22:41 UTC

To: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
Cc: "mile@ietf.org" <mile@ietf.org>, "draft-ietf-mile-rolie.all@ietf.org" <draft-ietf-mile-rolie.all@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/RFfCG-ODhKZoo9iT9z204KSy4Ps>

On Thu, Oct 19, 2017 at 1:51 AM, Banghart, Stephen A. (Fed)
<stephen.banghart@nist.gov> wrote:
> I've taken your suggestion to clean up the Transport Layer Security section and parts of the Security Considerations section by removing our reinvention of the wheel and leaning more heavily on referencing other RFCs for best practices; it's possible that the cleaned-up text contradicts itself less and mitigates the issue. Perhaps more explanatory text around these two core use cases in the authentication section would help too?

Yes, the current document heavily emphasizes client authentication as
a means to control access, to the point that any use of the protocol
for public information is lost.