Re: [secdir] SecDir review of draft-ietf-taps-transports-usage

Michael Welzl <michawe@ifi.uio.no> Tue, 06 September 2016 07:53 UTC

Return-Path: <michawe@ifi.uio.no>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C34E712B0C8; Tue, 6 Sep 2016 00:53:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.938
X-Spam-Level:
X-Spam-Status: No, score=-4.938 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_SORBS_WEB=0.77, RP_MATCHES_RCVD=-1.508] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ub89YSGxV5OE; Tue, 6 Sep 2016 00:53:17 -0700 (PDT)
Received: from mail-out4.uio.no (mail-out4.uio.no [IPv6:2001:700:100:10::15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 975AE127A90; Tue, 6 Sep 2016 00:53:14 -0700 (PDT)
Received: from mail-mx2.uio.no ([129.240.10.30]) by mail-out4.uio.no with esmtp (Exim 4.80.1) (envelope-from <michawe@ifi.uio.no>) id 1bhBBw-0000Sc-7J; Tue, 06 Sep 2016 09:53:12 +0200
Received: from [62.217.47.18] (helo=[172.20.50.33]) by mail-mx2.uio.no with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) user michawe (Exim 4.80) (envelope-from <michawe@ifi.uio.no>) id 1bhBBv-0000i3-KX; Tue, 06 Sep 2016 09:53:12 +0200
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Michael Welzl <michawe@ifi.uio.no>
In-Reply-To: <F4A7328B-BC00-436C-B134-4AD6CDB9A8EB@vpnc.org>
Date: Tue, 6 Sep 2016 09:53:10 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <5ECBD87E-92AA-42FA-B2D4-3067B2A1A2DB@ifi.uio.no>
References: <F4A7328B-BC00-436C-B134-4AD6CDB9A8EB@vpnc.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
X-Mailer: Apple Mail (2.3124)
X-UiO-SPF-Received:
X-UiO-Ratelimit-Test: rcpts/h 6 msgs/h 3 sum rcpts/h 7 sum msgs/h 4 total rcpts 45997 max rcpts/h 54 ratelimit 0
X-UiO-Spam-info: not spam, SpamAssassin (score=-5.0, required=5.0, autolearn=disabled, UIO_MAIL_IS_INTERNAL=-5, uiobl=NO, uiouri=NO)
X-UiO-Scanned: 34A27AE1528863F61D987B911BAA23455110E11D
X-UiO-SPAM-Test: remote_host: 62.217.47.18 spam_score: -49 maxlevel 80 minaction 2 bait 0 mail/h: 4 total 33 max/h 7 blacklist 0 greylist 0 ratelimit 0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/TY2lzGVABjgPzupiP_1K1k3irW8>
Cc: draft-ietf-taps-transports-usage.all@ietf.org, secdir <secdir@ietf.org>
Subject: Re: [secdir] SecDir review of draft-ietf-taps-transports-usage
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2016 07:53:20 -0000

Hi,

Thank you very much for this review; as an author, I’ll just say “ack”. I agree with what you say. We’ll do our best to do this ASAP.

Cheers,
Michael


> On 6. sep. 2016, at 01.28, Paul Hoffman <paul.hoffman@vpnc.org> wrote:
> 
> Greetings. draft-ietf-taps-transports-usage, "On the Usage of Transport Service Features Provided by IETF Transport Protocols" is an informational overview of how TCP, MCTCP, and SCTP interact with applications. It is strictly descriptive and doesn't define anything new.
> 
> Because this is just describes existing protocols, there are no new security considerations. However, the current Security Considerations section says:
>   Security will be considered in future versions of this document.
> It is not clear if the authors meant to have this be a null section, or whether they really intend to create a Security Considerations section that repeats or points to the security considerations for the three transports. I think the latter is better, given the lack of anything new in this document. Regardless, they need to fill this in before the SecDir review can be complete.
> 
> --Paul Hoffman