Re: [secdir] Early SecDir Reviews

"Susan Hares" <shares@ndzh.com> Thu, 27 August 2015 21:42 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 743131A8A23; Thu, 27 Aug 2015 14:42:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.055
X-Spam-Level:
X-Spam-Status: No, score=-99.055 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CfRTEUsMfqOs; Thu, 27 Aug 2015 14:42:56 -0700 (PDT)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7350F1A1B89; Thu, 27 Aug 2015 14:42:56 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=174.124.171.7;
From: "Susan Hares" <shares@ndzh.com>
To: "'Russ Housley'" <housley@vigilsec.com>, <draft-mglt-i2rs-security-requirements.all@ietf.org>, <draft-hares-i2rs-auth-trans.all@ietf.org>
References: <32779ADA-75D3-4754-AFD2-DFFE7237D939@vigilsec.com>
In-Reply-To: <32779ADA-75D3-4754-AFD2-DFFE7237D939@vigilsec.com>
Date: Thu, 27 Aug 2015 17:42:44 -0400
Message-ID: <001001d0e111$509f1180$f1dd3480$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHjR5i/kudQwZm7gHsLIiXDOIy/DJ37klOA
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/S-UQ8XEWK5U9wp9Rb8c_6Cxdyqo>
Cc: 'Jeffrey Haas' <jhaas@pfrc.org>, 'Kathleen Moriarty' <kathleen.moriarty.ietf@gmail.com>, 'IETF SecDir' <secdir@ietf.org>
Subject: Re: [secdir] Early SecDir Reviews
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 21:42:57 -0000

Russ and sec-dir: 

Thank you for reviewing the drafty-drafts. 

In the review of the I2RS architecture, several security issues were raised.
In order to tie down the I2RS architecture document, I progress forward with
these two drafts to indicate our direction. 

Do the two drafts (in a draft-y-draft) address the necessary security
issues? Or do we still have major points to dig into?  

Thank you, 

Sue Hares


-----Original Message-----
From: Russ Housley [mailto:housley@vigilsec.com] 
Sent: Friday, August 21, 2015 6:10 PM
To: draft-mglt-i2rs-security-requirements.all@ietf.org;
draft-hares-i2rs-auth-trans.all@ietf.org
Cc: Stephen Farrell; Kathleen Moriarty; IETF SecDir
Subject: Early SecDir Reviews

Please fine the requested SecDir reviews.

Russ