[secdir] draft-ietf-tsvwg-rsvp-security-groupkeying-10.txt
Stephen Kent <kent@bbn.com> Tue, 09 August 2011 19:12 UTC
Return-Path: <kent@bbn.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2BD321F8C13 for <secdir@ietfa.amsl.com>; Tue, 9 Aug 2011 12:12:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.614
X-Spam-Level:
X-Spam-Status: No, score=-106.614 tagged_above=-999 required=5 tests=[AWL=-0.016, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Ve24w19-ynE for <secdir@ietfa.amsl.com>; Tue, 9 Aug 2011 12:12:43 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 2AB2921F8CB3 for <secdir@ietf.org>; Tue, 9 Aug 2011 12:12:43 -0700 (PDT)
Received: from dhcp89-089-043.bbn.com ([128.89.89.43]:49201) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1Qqrjk-000Jyi-4C for secdir@ietf.org; Tue, 09 Aug 2011 15:13:12 -0400
Mime-Version: 1.0
Message-Id: <p06240806ca6737102dc7@[128.89.89.43]>
Date: Tue, 09 Aug 2011 15:13:09 -0400
To: secdir@ietf.org
From: Stephen Kent <kent@bbn.com>
Content-Type: multipart/alternative; boundary="============_-899205305==_ma============"
Subject: [secdir] draft-ietf-tsvwg-rsvp-security-groupkeying-10.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2011 19:12:44 -0000
This is a quick re-check. I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document (draft-ietf-tsvwg-rsvp-security-groupkeying-10.txt) compares group keying vs. per-neighbor or per-interface keying options for RSVP. It also examines the applicability of various protocol security mechanisms (e.g., IPsec and the RSVP INTEGRITY object) in different "trust" contexts, and for different RSVP message types. This is a very well-written document. The Security Consideration section is but one sentence, because the whole document is an analysis of security issues associated with key management and protocol options for RSVP security. I wish more documents were of this quality!
- [secdir] draft-ietf-tsvwg-rsvp-security-groupkeyi… Stephen Kent