Re: [secdir] Secdir review of draft-altmann-tls-channel-bindings-10

Paul Hoffman <phoffman@imc.org> Sun, 27 June 2010 21:44 UTC

Given that I have made this same copy-and-paste error in the past: this review is for draft-c1222-transport-over-ip, not the one in the Subject: line.

At 10:31 AM -0700 6/27/10, Magnus Nyström wrote:
>I have reviewed this document as part of the security directorate's
>ongoing effort to review all IETF documents being processed by the
>IESG.  These comments were written primarily for the benefit of the
>security area directors.  Document editors and WG chairs should treat
>these comments just like any other last call comments.
>
>This document defines a framework for transporting ANSI C12.22
>advanced metering infrastructure (AMI) messages on IP networks.
>
>AMI is intended for interaction with various types of utility meters;
>as such, it is clear that security services such as data authenticity,
>integrity and confidentiality will be quite important.  This draft
>defers to ANSI C12.22 for application-layer security and states that
>any transport (or IP) network layer security functionality
>shall act "only to enhance and preserve [and] ... not be a substitute
>for ... ANSI C12.22 ... security provisions." This is all good but I
>have not had access to C12.22 for this review and so cannot comment
>further on it. It seems to me, however, that the layering of C12.22
>on top of IP networks may warrant a discussion about potential methods
>to enhance C12.22 security? For example, could privacy be enhanced
>beyond what C12.22 offers through use of a transport network's
>confidentiality services?
>
>Other than this I have no particular comments on this draft; it reads
>good to me.
>-- Magnus