RE: [NSIS] AD Review comments on draft-ietf-nsis-req-07.txt

"Attila Bader (ETH)" <Attila.Bader@eth.ericsson.se> Mon, 16 June 2003 21:51 UTC

Message-ID: <F005CD411D18D3119C8F00508B0874800D3935D2@ehubunt100.eth.ericsson.se>
From: "Attila Bader (ETH)" <Attila.Bader@eth.ericsson.se>
To: mankin@psg.com
Cc: nsis@ietf.org
Subject: RE: [NSIS] AD Review comments on draft-ietf-nsis-req-07.txt
Date: Mon, 16 Jun 2003 16:27:47 +0200

Hi Allison,

I do not completely understand your argument for MUST implementation of hop-by-hop security. 'Must be implemented but not must use' means that there is the possibility to use hop-by-hop security in any NE but it has to be implemented even if it is never used. 'SHOULD be supported' means that it has to be implemented except in particular cases. I think it is strong enough. 

Best regards, Attila


>
> 5.7.5 Hop-by-hop security
>
>    Hop-by-Hop security SHOULD be supported. It is a well known and
>    proven concept in Quality-of-Service and other signaling protocols
>    that allows intermediate nodes that actively participate in the
>    protocol to modify the messages as it is required by processing
>    rules. Note that this requirement does not exclude end-to-end or
>    network-to-network security of a signaling message. End-to-end
>    security between the initiator and the responder may be used to
>    provide protection of non-mutable data fields. Network-to-network
>    security refers to the protection of messages over various hops but
>    not in an end-to-end manner i.e. protected over a particular network.
>
> Without minimum mandatory to implement channel security for the
> signaling, you can't be sure the other security features will be
> untampered with - this needs to be a MUST implement (it's not a MUST
> use). Suggest changing the first sentence to "Channel security between
> signaling entities MUST be implemented"?
>