[anonsec] WG-LC: draft-ietf-btns-prob-and-applic-04
Miika Komu
miika at iki.fi
Fri Dec 8 02:41:08 PST 2006
On Wed, 6 Dec 2006, Julien Laganier wrote:
> On Tuesday 05 December 2006 12:15, Love Hörnquist
> Åstrand wrote:
>> 20 nov 2006 kl. 17.12 skrev Love Hörnquist Åstrand:
>>> To verify the consensus of the wg and catch the
>>> the last errors before sending of the document to
>>> IESG I'm issuing a WG last call of
>>>
>>> Problem and Applicability
>>> Statement for Better Than Nothing Security (BTNS)
>>>
>>> http://www.ietf.org/internet-drafts/draft-ietf-btn
>>> s-prob-and- applic-04.txt
>>
>> I've so far not seen one comment on the document,
>> neither positive nor negative.
>
> I finally managed to read the document, and I thought
> it well written and ready to be sent to IESG.
Agree. Some editorial nits below.
I had some troubles in understanding initially the loosely defined term
"authentication" in the context of the draft but I think it is now more
clear. Particularly, the term "PKI" is mentioned quite late in the draft,
which is IMHO connected to the authentication term and to the motivation
of the whole draft.
HIP is mentioned in section 2.2.1 briefly. Perhaps you could also mention
that HIP has implicit channel binding mechanisms and reference RFC4423,
HIP base draft or draft-ietf-hip-applications-00. In addition, the claim
"such modifications are, at best, temporary patches to the ubiquitous
vulnerability to spoofing attacks" requires some further explanation at
least in the context of HIP.
--
Miika Komu http://www.iki.fi/miika/
More information about the ANONSEC
mailing list