Re: [weirds] draft-ietf-weirds-rdap-sec-09
"Hollenbeck, Scott" <shollenbeck@verisign.com> Wed, 22 October 2014 17:51 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B87921ACE86 for <weirds@ietfa.amsl.com>; Wed, 22 Oct 2014 10:51:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lrOPA97WnWRg for <weirds@ietfa.amsl.com>; Wed, 22 Oct 2014 10:51:34 -0700 (PDT)
Received: from exprod6og115.obsmtp.com (exprod6og115.obsmtp.com [64.18.1.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA7A41ACEB5 for <weirds@ietf.org>; Wed, 22 Oct 2014 10:51:11 -0700 (PDT)
Received: from brn1lxmailout02.vcorp.ad.vrsn.com ([72.13.63.42]) (using TLSv1) by exprod6ob115.postini.com ([64.18.5.12]) with SMTP ID DSNKVEfujwWeqKQQC5t+8jn4Pb+4bbpXeP/f@postini.com; Wed, 22 Oct 2014 10:51:14 PDT
Received: from brn1wnexcas01.vcorp.ad.vrsn.com (brn1wnexcas01.vcorp.ad.vrsn.com [10.173.152.205]) by brn1lxmailout02.vcorp.ad.vrsn.com (8.13.8/8.13.8) with ESMTP id s9MHpAIk013249 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 22 Oct 2014 13:51:10 -0400
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0174.001; Wed, 22 Oct 2014 13:51:09 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "MORTON, ALFRED C (AL)" <acm@research.att.com>, "draft-ietf-weirds-rdap-sec.all@tools.ietf.org" <draft-ietf-weirds-rdap-sec.all@tools.ietf.org>
Thread-Topic: draft-ietf-weirds-rdap-sec-09
Thread-Index: AQHP5uDcPsELcqXJ5UiVxA6l2ir9qpw8c3vQ
Date: Wed, 22 Oct 2014 17:51:09 +0000
Message-ID: <831693C2CDA2E849A7D7A712B24E257F494F1A0A@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
References: <4AF73AA205019A4C8A1DDD32C034631D797C6138@NJFPSRVEXG0.research.att.com>
In-Reply-To: <4AF73AA205019A4C8A1DDD32C034631D797C6138@NJFPSRVEXG0.research.att.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.173.152.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/weirds/F7Pvx31IV3HvvICgh9zD9SuX3QM
Cc: "ops-ads@tools.ietf.org" <ops-ads@tools.ietf.org>, "ops-dir@tools.ietf.org" <ops-dir@tools.ietf.org>, "weirds@ietf.org" <weirds@ietf.org>
Subject: Re: [weirds] draft-ietf-weirds-rdap-sec-09
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/weirds/>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Oct 2014 17:51:36 -0000
> -----Original Message----- > From: MORTON, ALFRED C (AL) [mailto:acm@research.att.com] > Sent: Monday, October 13, 2014 8:26 AM > To: draft-ietf-weirds-rdap-sec.all@tools.ietf.org > Cc: ops-dir@tools.ietf.org; ops-ads@tools.ietf.org > Subject: draft-ietf-weirds-rdap-sec-09 > > OPS-DIR review of draft-ietf-weirds-rdap-sec-09 > > OPS-DIR reviews are primarily for the ops-area directors. > Authors should treat this review as they would any > LAST CALL comments. > > Summary: Ready, one suggestion below, also see SEC-DIR review > when available. > > regards, > Al > > One goal of RDAP is to provide security services that > do not exist in the WHOIS protocol. RDAP itself > is described in multiple documents. > This document describes information security services for RDAP, > including authentication, authorization, > availability, data confidentiality, and data integrity. > It provides the requirements for selected security protocols > from among many choices. Where multiple choices are allowed, > interoperability has been considered and addressed (sec 3.1). > > However, the sentence at the end of 3.1: > Work on HTTP authentication methods continues. RDAP ought to be > agile enough to support additional methods as they are defined. > > cannot be a requirement, and it might be phrased more positively > as: > Work on HTTP authentication methods continues. RDAP is designed to > be > agile enough to support additional methods as they are defined. > (assuming others agree this is true) Thank you. I'll make this change. Scott
- Re: [weirds] draft-ietf-weirds-rdap-sec-09 Hollenbeck, Scott