[secdir] Secdir early review of draft-ietf-taps-transport-security-04

Tero Kivinen <kivinen@iki.fi> Wed, 28 November 2018 12:21 UTC

Paul Wouters writes:
> SecDir tools note: The secdir review link refers to an abstract
> containing the text:
> 
>         This draft summarizes a number of IETF transport security
>         protocols a 
> 
> Note the word "IETF ... protocols". I don't actually see that in any of the
> revisions 00 to 04? Where did this comment/text come from?

When a WG chair etc. makes a request for an early review, they will
have the option to include a comment that explains what they want the
reviewer to concentrate on.

So this text you are referring to is the one written by Aaron Falk when
he requested the early review, and that also included comments like:

	The TAPS working group would appreciate early review from
	SecDir focusing on the correctness of the protocol
	descriptions and whether there are any significant gaps
	(protocols or features) in the coverage of the draft. The
	draft is nearing readiness for WGLC and some assurance from
	SecDir that there are no significant problems would be helpful
	before finalizing it. Please send comments to the TAPS wg
	<taps@ietf.org>. Thanks!!

So that Comment section is not an abstract, it is additional text
provided by the requestor...

Looking at that comment and your review, I think your point about
openvpn and openconnect is just what they were looking at, i.e., gaps
in their protocol list...
-- 
kivinen@iki.fi