[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Feedback on draft-ietf-rap-cops-tls-06.txt

To: "Rap-wg (E-mail)" <rap@ops.ietf.org>
Subject: Feedback on draft-ietf-rap-cops-tls-06.txt
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Mon, 27 Oct 2003 12:05:39 +0100
Cc: "Uri Blumenthal (E-mail)" <uri@lucent.com>

Sorry for the long delay, but finally our Security Advisor has 
found time to review revision 6.

I hope that the authors/editors and the WG can quickly 
respond and act, so that we can now get some pressure to
complete this last RAP-WG document soon.

Thanks,
Bert 

-----Original Message-----
From: Uri Blumenthal [mailto:uri@lucent.com]
Sent: donderdag 23 oktober 2003 23:58
To: Wijnen, Bert
Cc: Blumenthal, Uri
Subject: COPS etc.3.2.1. So is at least one protocol mandatory? And why
is it valid to make them all optional?


Bert,

Sorry for prolonged silence - was sick and then took me
time to get through the e-mail piles.

Here's my review of COPS-06, please forward it to the
appropriate AD and WG chair(s).

==================================================
cops-06.txt

GENERIC COMMENTS.

I'd prefer the following important issues described
somewhere:
	- key provisioning (how the initial/first keys
	  get in);
	- key management/update;
	- key requirments. What kind of keys are accepted?
	  Public Key in X.509 format only? Anything else?
	  Any reason why neither symmetric keys nor
	  password-based methods (such as SRP, or what's in
	  SSL) are there?
	- policy - how it gets there, how it's processed,
	  what it looks like, etc. Something comparable to
	  VACM of SNMPv3...

I found the text on Access Control exceedingly muddy/unclear. I'm
coming from reasonably good understanding of Access Control, but
shallow knowledge of COPS. Request rephrasing (and maiing it
CLEARER).

Excessive use of abbreviations (PEP, PDP) without defining them
in this document doesn't help.

Otherwise the document is OK, notwithstanding the following.

SPECIFIC COMMENTS.

3.2.1.  So is at least one protocol mandatory? And why is it valid
to make them all optional?

4.4.  I'm not sure server (in the last case) should be allowed to
just proceed establishing insecure connection. Perhaps better if
the client decides how to proceed?

PDP implementations MUST NOT require use of access control?!  I'm
violently against this prohibition.

8. Forcing to choose between insecure and X.509 PKI infrastructure
is unfair and improper. Recommendation: support Web of trust,
possibly other...

PDP hostname availavle via Access Control mechanism? I don't
understand - please clarify.

9.1. And the point of backward compatibility with old insecure
implementations is...?

References. RFC2748 is not of January 200 (unless it's a part
of Gospel?).

Prev by Date: FW: RAP WG open items
Next by Date: RE: Feedback on draft-ietf-rap-cops-tls-06.txt
Previous by thread: FW: RAP WG open items
Next by thread: RE: Feedback on draft-ietf-rap-cops-tls-06.txt
Index(es):
- Date
- Thread