Dear RAP community,
The following two drafts have been updated to address comments received from IESG review.
Until they are posted on the IETF web site, here is a link to them:
<ftp://standards.nortelnetworks.com/rap/draft-ietf-rap-session-auth-04.txt>
<ftp://standards.nortelnetworks.com/rap/draft-ietf-rap-rsvp-authsession-03.txt>
Here is a summary of the changes:
Document: Session authorization for RSVP
-Most changes are either related to security issues or to a lack of detailed guidance.
So we have added a lot of detailed explanations to make sure implementators had all the required
information.
-Added a new section called: 4- Integrity of the AUTH_SESSION policy element.
-Added lots of details in section 5: framework
-IANA section was totally re-written to provide detailed information about the required assignments.
-Provided more details/guidance on the format of the AUTH_SESSION fields.
-Added the generic IETF IPR section as required per RFC2026.
-Changed the DIGITAL_SIGNATURE field to AUTHENTICATION_DATA. And removed the subtypes, instead making
the algorithm used to compute the authentication data depend on the AUTH_ENT_ID SubType field.
-Added subtypes FQDN, ASCII_DN & UNICODE_DN in SOURCE_ADDR & DEST_ADDR field.
-Merged the AUTH_ENT_CRED & AUTH_ENT_ID Types - guidance provide in section 4.
Document: Framework for Session set-up with media authorization
Most comments were related to the lack of information in the security considerations section.
We have added guidance on the required security characteristics of the interfaces described in the draft.
Guidance is also provided on whether or not the tokens must be confidential as well as integrity protected.
Changed the terminology from "district" to "domain".
To both documents:
Minor editorials were made (e.g. separated the references into normative/informational.)
Cleanup to ensure consistent terminology.
Provided extra needed references.
Cheers,
Louis-Nicolas