Re: [secdir] review of draft-ietf-cdni-use-cases-08
Leif Johansson <leifj@sunet.se> Mon, 09 July 2012 08:07 UTC
Return-Path: <leifj@sunet.se>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A5DE21F8683; Mon, 9 Jul 2012 01:07:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.17
X-Spam-Level:
X-Spam-Status: No, score=-3.17 tagged_above=-999 required=5 tests=[AWL=-0.571, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ge0ZSpLHvnmL; Mon, 9 Jul 2012 01:07:06 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [IPv6:2001:948:4:1::66]) by ietfa.amsl.com (Postfix) with ESMTP id CFBA821F8668; Mon, 9 Jul 2012 01:07:05 -0700 (PDT)
Received: from [10.0.0.11] (ua-83-227-179-169.cust.bredbandsbolaget.se [83.227.179.169]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id q6987LD9005545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 9 Jul 2012 10:07:25 +0200 (CEST)
Message-ID: <4FFA9138.8050204@sunet.se>
Date: Mon, 09 Jul 2012 10:07:20 +0200
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:13.0) Gecko/20120615 Thunderbird/13.0.1
MIME-Version: 1.0
To: "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>
References: <4FF9E9B9.1040705@sunet.se> <3E4E0633-EDDD-42C0-8A22-1A8247671211@cisco.com>
In-Reply-To: <3E4E0633-EDDD-42C0-8A22-1A8247671211@cisco.com>
X-Enigmail-Version: 1.4.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: The IESG <iesg@ietf.org>, "draft-ietf-cdni-use-cases.all@tools.ietf.org" <draft-ietf-cdni-use-cases.all@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] review of draft-ietf-cdni-use-cases-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2012 08:07:06 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/09/2012 10:05 AM, Francois Le Faucheur (flefauch) wrote: > (speaking as WG co-chair) > > Hi Leif & use-cases co-authors, > > Thanks for your review. > > Regarding : "The security considerations section refers the reader > to the CDNI problem statement which is fine if all the security > considerations from RFC3570 (which is obsoleted by this document) > are carried over to the CDNI problem statement." > > I would say that the fundamental security considerations brought up > in RFC3570 are indeed covered by the Problem Statement. But > arguably, there are one or two interesting specific declinations of > these fundamental security considerations that are more explicitely > spelt out in RFC3570 (eg "Delivery of Bad CONTENT"). My proposal > would be that we catch all these "specific declinations" in our > CDNI Framework document, since this is the target document for > discussing specific declinations of system-level security issues > (and each individual CDNI interface document will discuss its > interface-specific considerations). Does that work? If yes, I'll > drop a note to the CDNI Framework authors to make sure they > exhaustively catch any specific declinations of security issues > that was brought up in RFC3570 and is not yet discussed in the CDNI > Framework. Great -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/6kTgACgkQ8Jx8FtbMZnfPTgCcC+kI6kCmX0cvXaRHYX0wrpWf WaAAn2l+rKNlcDsfls82ON1/P945Hv1j =YxCr -----END PGP SIGNATURE-----
- [secdir] review of draft-ietf-cdni-use-cases-08 Leif Johansson
- Re: [secdir] review of draft-ietf-cdni-use-cases-… Francois Le Faucheur (flefauch)
- Re: [secdir] review of draft-ietf-cdni-use-cases-… Leif Johansson