[Taps] comments on draft-pauly-taps-transport-security-02.txt

"Aaron Falk" <aaron.falk@gmail.com> Sat, 17 March 2018 14:53 UTC

From: Aaron Falk <aaron.falk@gmail.com>
To: Christopher Wood <christopherwood07@gmail.com>, Tommy Pauly <tpauly@apple.com>, Colin Perkins <csp@csperkins.org>, Kyle Rose <krose@krose.org>
Cc: taps WG <taps@ietf.org>
Date: Sat, 17 Mar 2018 14:53:44 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/btuhUtfBao3ha5QiNZBhnlYTQ9A>
Subject: [Taps] comments on draft-pauly-taps-transport-security-02.txt
List-Id: "IETF Transport Services (TAPS) Working Group" <taps.ietf.org>

A few comments on the draft below.

--aaron

----

Introduction (sec 1):

* I think it’s missing a statement describing why you chose this set 
of protocols.  You point out why you don’t include auth-only protocols 
but why (only) these?  Are you including all of the IETF transport 
security protocols?  If not, why not?  For the non-IETF protocols, why 
these?  The intro to Sec 3 says they are “security protocols that are 
currently used to protect data”.

Terminology (sec 2):

* Is ‘network security layer’ a well-defined term?  Does it mean 
something like “a security service provided by the network layer to 
the transport layer”?  Maybe worth including a definition.

* Can security features exist above the transport layer?

gQUIC (sec 3.4):

* RFCs take a long time to publish and live forever.  Given that, does 
documenting gQUIC make sense in that context?  Do you expect it to be 
around for a long time?  Are there functional differences from QUIC w/ 
TLS that distinguish it?

MinimalT (sec 3.5):

* I confess I’ve never heard of it.  The draft doesn’t include a 
citation.  Is there no RFC?  Seems odd to me that it is “built on top 
of a widespread directory service” but the directory service isn’t 
identified.