Re: [Taps] Intdir telechat review of draft-ietf-taps-transport-security-11

Tommy Pauly <tpauly@apple.com> Wed, 22 April 2020 17:06 UTC

Cc: int-dir@ietf.org, last-call@ietf.org, draft-ietf-taps-transport-security.all@ietf.org, taps@ietf.org
To: Brian Haberman <brian@innovationslab.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/UQ5nHW3-XU-hJgqu_TZ2lrYzhj0>

Hi Brian,

Thanks for the review! You can find an updated version of the document here:

https://ietf-tapswg.github.io/draft-ietf-taps-transport-security/draft-ietf-taps-transport-security.html

The authors discussed, and believe that SSH, L2TP, and GRE do not expose significant new surfaces for transports and applications compared to the existing protocols surveyed. We did, however, add specific text and references to those protocols in the introduction as explanation.

Thanks,
Tommy

> On Apr 3, 2020, at 5:10 AM, Brian Haberman via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Brian Haberman
> Review result: Ready with Issues
> 
> This document is a survey of network security protocols and their interaction
> with transport and application protocols. It is clearly written and easy to
> read. I have a minor comment on the contents of this draft.
> 
> It is not abundantly clear what the criteria were for selecting the subset of
> security protocols included in this draft. Some notable omissions include SSH,
> L2TP, and GRE. These seem like interesting omissions given their popularity in
> a number of deployment scenarios. Not a showstopper in my opinion, but
> interesting to note.