Re: [secdir] SecDir Review of draft-ietf-ace-usecases

Stefanie Gerdes <gerdes@tzi.de> Fri, 23 October 2015 09:43 UTC

To: Adam Montville <adam.w.montville@gmail.com>, The IESG <iesg@ietf.org>, secdir@ietf.org, draft-ietf-ace-usecases.all@tools.ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/VRmKWI0yUbD4DOfwQn_xyB9F75w>

Hi Adam,

Thank you for your comments.

On 10/12/2015 04:02 PM, Adam Montville wrote:
> 
> While the draft does mention “configuration”, the context is more about ensuring flexibility of expressing access permissions.  I’m not sure if this draft requires something like the following, but it would be beneficial for downstream operational processes to explicitly support endpoint posture assessment.  This could be done by providing an explicit posture-related interface.  Such a requirement could be alluded to in the Security Considerations section.  On the other hand, this may be something addressed by CoAP and other drafts.

The draft focuses on listing use cases and resulting authorization
problems. Therefore, all items listed in sections 3.2, 3.3 and 3.4
derive from the problems summary sections. We tried very hard to steer
clear of listing solutions for these problems while still providing
useful guidance for solution developers. Thus, the draft does not
provide details on where configuration data might be coming from.
Therefore, we would rather not include this comment.

We will fix the Nits that you pointed out.

Thanks
Steffi