[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Status of: draft-ietf-rap-cops-tls-10.txt

To: "Rap-wg (E-mail)" <rap@ops.ietf.org>
Subject: Status of: draft-ietf-rap-cops-tls-10.txt
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Fri, 4 Feb 2005 00:08:17 +0100

Now with proper subject line.

-----Original Message-----
From: Wijnen, Bert (Bert) 
Sent: Friday, February 04, 2005 00:05
To: 'amol.kulkarni@intel.com'; 'jesse.walker@intel.com'
Cc: Scott Hahn (E-mail); Rap-wg (E-mail)
Subject: Status of:

The doc is still in IETF Last Call (up till Feb 08).

However, the IESG did discuss it on the IESG telechat today.

Here are the comments:

  Harald Alvestrand:
  Comment:
  [2005-02-03] Reviewed by Lucy Lynch, Gen-ART

  No show-stopper comments. Review in document comments.
  See http://www.alvestrand.no/ietf/gen/reviews/draft-ietf-rap-cops-tls-10-lynch.txt

Basically that says everything is fine, module the RFC-Editor notes
that I already have recorded (quite a list).

  Sam Hartman:
  Comment:
  [2005-02-03] Section 9 of rfc 2246 says:

  In the absence of an application profile standard specifying
  otherwise, a TLS compliant application MUST implement the cipher
  suite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA.
  Are you sure that's the cipher you want to require people to
  implement?  RSA seems more common today.  If that's what you want the
  current text is fine.

So pls let me know if you were indeed aware of that and if that
is what you want.

I propose that the authors prepare a new revision with any changes
they may want to make because of the above, plus the 
changes below (as discussed earlier). Then be ready to submit
to internet-drafts@ietf.org BEFORE noon US Eastern on Monday, so
it will get posted on Monday and so that we can get it
approved on Tuesday. Note that I will be offline for an
extended period of time after Tuesday (my tuesday in Europe).

Bert
on first Page (Status of this Memo):
OLD TEXT:
---------
...section 3 of RFC 3667 [RFC3667].  By submitting this...

NEW TEXT:
---------
...section 3 of RFC 3667.  By submitting this...

====================================

Section 5.1
OLD TEXT:
----------
<Client-Accept> ::= <Common Header>
                    <KA Timer>
                    [<ACCT Timer>]
                    [<Integrity (C-Num=16, C-Type=2)>]

NEW TEXT:
---------
<Client-Accept> ::= <Common Header>
                    <KA Timer>
                    [<ACCT Timer>]
                    [<Integrity (C-Num=16, C-Type=2)>]

Note also that this new format of the Client-Accept message does not
replace or obsolete the existing Client-Accept message format, which can
continue to be used for non-secure COPS session negotiations. 

======================================

Section 9
OLD TEXT:
----------
For the Integrity-TLS object for Client-Type 0, the IANA shall add the
following Flags value:
0x01 = StartTLS

NEW TEXT:
----------

The IANA shall add the following C-Num, C-Type combination for the
Integrity-TLS object to the registry at
http://www.iana.org/assignments/cops-parameters:
0x10  0x02    Message Integrity, Integrity-TLS      [RFCxxxx]

For Client-Type 0, the IANA shall add the following Flags value for the
Integrity-TLS object:
0x01 = StartTLS

Further, for Client-Type 0, the IANA shall add the following text for
Error Sub-Codes:
Error Code: 15
Error Sub-Code:
Octet 2: C-Num of the Integrity object
Octet 3: C-Type of the supported/preferred Integrity object or
                Zero.

Error-Code    Error-SubCode      Description
            Octet 2  Octet 3  
---------------------------------------------------
  15          16        0        No security 
  15          16        2        Integrity-TLS supported/preferred

=====================================

Section 11.1
OLD TEXT:
---------
[RFC2026] Bradner, S., "The Internet Standards Process - Revision 3",
RFC 2026, October 1996

NEW TEXT:
---------
(delete OLD TEXT)

OLD TEXT: 
----------
[RFC3280]...

NEW TEXT (add citation before RFC3280 citation):
-------------------------------------------------
[RFC2753] Yavatkar, R., Pendarakis, D., Guerin, R., "A Framework for
Policy-based Admission Control", RFC 2753, January 2000.

[RFC3280]...

==============================

Section 11.2
OLD TEXT:
---------
[RFC3207] Hoffman, P., "SMTP Service Extension for Secure SMTP 
  over Transport Layer Security", RFC 3207, February 2002.

NEW TEXT:
---------
(delete OLD TEXT)

Prev by Date: Status of:
Next by Date: I-D ACTION:draft-ietf-rap-cops-tls-11.txt
Previous by thread: Status of:
Next by thread: I-D ACTION:draft-ietf-rap-cops-tls-11.txt
Index(es):
- Date
- Thread