[secdir] secdir review of draft-ietf-csi-send-name-type-registry-03
"Patrick Cain" <pcain@coopercain.com> Sat, 08 May 2010 14:59 UTC
From: Patrick Cain <pcain@coopercain.com>
To: draft-ietf-csi-send-name-type-registry.all@tools.ietf.org
Date: Sat, 08 May 2010 10:58:55 -0400
Cc: iesg@ietf.org, secdir@ietf.org

Hi,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

About this document:

SEcure Neighbor Discovery (SEND) defines the Name Type field in the Trust Anchor option. This document requests from IANA the creation and management of a registry for this field. This document also specifies a new Name Type field based on a certificate Subject Key Identifier (SKI).

My comments:

The document has no major technical shortcomings that I could find. I do note that the new registry value defined in this document relies on SHA-1 (160). This may be a good time to save a few RFC numbers and define a value for the impending other SHA values, like SHA-2, although I'm not so sure they exist in X.509 certificates yet.

Pat