[stir] Éric Vyncke's No Objection on draft-ietf-stir-oob-06: (with COMMENT)
Éric Vyncke via Datatracker <noreply@ietf.org> Tue, 03 December 2019 16:13 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: stir@ietf.org
Delivered-To: stir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 01F5112006D; Tue, 3 Dec 2019 08:13:57 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Éric Vyncke via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-stir-oob@ietf.org, Robert Sparks <rjsparks@nostrum.com>, stir-chairs@ietf.org, rjsparks@nostrum.com, stir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.111.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Éric Vyncke <evyncke@cisco.com>
Message-ID: <157538963691.24732.7092855063757233926.idtracker@ietfa.amsl.com>
Date: Tue, 03 Dec 2019 08:13:56 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/itkKEnwaPxeAMH2hWeRLEChlFQQ>
Subject: [stir] Éric Vyncke's No Objection on draft-ietf-stir-oob-06: (with COMMENT)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Dec 2019 16:13:57 -0000
Éric Vyncke has entered the following ballot position for draft-ietf-stir-oob-06: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-stir-oob/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you for the work put into this document. BTW, I second Mirja's question about the doc status. Else, see below for minor COMMENTs. Regards, -éric == COMMENTS == -- Section 4 -- It is really unclear to me how the system could work if there is no discovery mechanisms for the CPS (even if section 10 is devoted to discovery). Else, I am fearing having one CPS per smart phone OS or any other fragmentation... -- Section 6 -- " transport-level security can provide confidentiality from eavesdroppers for both the storage", while I agree that TLS provides confidentiality for eavesdroppers, I wonder how it can protect the storage (data at rest) ? Or am I reading the sentence incorrectly ? -- Section 7.4 -- Should this section "Substitution Attacks" be a sub-section of section 7.3 "Security Analysis" ? In the time diagram, it is not clear at reading the figure what CS stands for (need to read the text below) also unclear who is initiating 'Call from CS': is it the attacker?
- [stir] Éric Vyncke's No Objection on draft-ietf-s… Éric Vyncke via Datatracker