Re: [secdir] Early SecDir Reviews

"Susan Hares" <shares@ndzh.com> Thu, 27 August 2015 21:54 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A11881ACEF8; Thu, 27 Aug 2015 14:54:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.055
X-Spam-Level:
X-Spam-Status: No, score=-99.055 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PJgOq8pnb_y3; Thu, 27 Aug 2015 14:54:30 -0700 (PDT)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBD951A87BD; Thu, 27 Aug 2015 14:54:29 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=174.124.171.7;
From: "Susan Hares" <shares@ndzh.com>
To: "'Russ Housley'" <housley@vigilsec.com>
References: <32779ADA-75D3-4754-AFD2-DFFE7237D939@vigilsec.com> <001001d0e111$509f1180$f1dd3480$@ndzh.com> <CC1E62B2-1CB9-4B4C-938D-3A6A0E7802ED@vigilsec.com>
In-Reply-To: <CC1E62B2-1CB9-4B4C-938D-3A6A0E7802ED@vigilsec.com>
Date: Thu, 27 Aug 2015 17:54:22 -0400
Message-ID: <001e01d0e112$ef1cd710$cd568530$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHjR5i/kudQwZm7gHsLIiXDOIy/DAGRD5fwAcTdSMad4OcMkA==
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/jKj5y5pPnBl-_EVHMW2CB9ILhwI>
Cc: 'IETF SecDir' <secdir@ietf.org>, 'Kathleen Moriarty' <kathleen.moriarty.ietf@gmail.com>, draft-hares-i2rs-auth-trans.all@ietf.org, 'Jeffrey Haas' <jhaas@pfrc.org>, draft-mglt-i2rs-security-requirements.all@ietf.org
Subject: Re: [secdir] Early SecDir Reviews
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 21:54:31 -0000

Russ:

I uploaded a new version of draft-hares-i2rs-auth-trans-05 with the
identities changed to identifiers.  I hope this new draft resolves all the
issues with draft-hares-i2rs-auth-trans-04. 

Sue 

-----Original Message-----
From: Russ Housley [mailto:housley@vigilsec.com] 
Sent: Thursday, August 27, 2015 5:50 PM
To: Susan Hares
Cc: draft-mglt-i2rs-security-requirements.all@ietf.org;
draft-hares-i2rs-auth-trans.all@ietf.org; 'Stephen Farrell'; 'Kathleen
Moriarty'; 'IETF SecDir'; 'Jeffrey Haas'
Subject: Re: Early SecDir Reviews

Sue:

I think you are asking if there are additional topics that need to be
covered.  I did not notice any.  Although there was question raised in
response to my review about the distinction between identity and
identifiers.  Sorting that out might raise new things.

Russ


On Aug 27, 2015, at 5:42 PM, Susan Hares wrote:

> Russ and sec-dir: 
> 
> Thank you for reviewing the drafty-drafts. 
> 
> In the review of the I2RS architecture, several security issues were
raised.
> In order to tie down the I2RS architecture document, I progress 
> forward with these two drafts to indicate our direction.
> 
> Do the two drafts (in a draft-y-draft) address the necessary security 
> issues? Or do we still have major points to dig into?
> 
> Thank you,
> 
> Sue Hares
> 
> 
> -----Original Message-----
> From: Russ Housley [mailto:housley@vigilsec.com]
> Sent: Friday, August 21, 2015 6:10 PM
> To: draft-mglt-i2rs-security-requirements.all@ietf.org;
> draft-hares-i2rs-auth-trans.all@ietf.org
> Cc: Stephen Farrell; Kathleen Moriarty; IETF SecDir
> Subject: Early SecDir Reviews
> 
> Please find the requested SecDir reviews.
> 
> Russ
> 
>