[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fwd: RE: WG Last-Call (WGLC) for comments: draft-ietf-ipdvb-sec-req-08]
Hi Laurence,
also many thanks for your review and comments. Replies are inline.
------------------------------------------------------------------------
*From:* Laurence.Duquerroy@esa.int [mailto:Laurence.Duquerroy@esa.int]
*Sent:* Thu 7/31/2008 13:02
*To:* Cruickshank HS Dr (CCSR)
*Cc:* gorry@erg.abdn.ac.uk; Stephane.Combes@esa.int
*Subject:* RE: WG Last-Call (WGLC) for comments:
draft-ietf-ipdvb-sec-req-08
Dear Haitham,
I reviewed the draft this morning. It is now in a very good shape. I
just have a couple of comments, that you can find below:
* page 12 - in the case 2 description: I don't understand why req2
(protection of NPA address) is associated with MAC, digital
signatures or TESLA...Is it not included with the Case 1
requirements?
Yes, you're right, we removed Req2 from Case 2.
* page 12 - in the case 2 description: " In terms of outsiders
attacks, group authentication using MAC should provide the same
level of security ": as what ? I am not sure that the meaning of
this sentence is very clear.
Agreed, not very clear. We'll just say "In terms of outsider attacks,
group authentication using MACs can provide the required level of
security (Req 3 and 5)." now.
* page 21 - A.1.2: Identity protection is not included in the list
of security feautres that the new security ext header will
provide. However in section 5 - p 13, this feature belongs to the
base profile.
Yes, added.
And a couple of corrections (between dash)
* page 4 : the all-zeros PID as well as other PID values * - *are -
reserved
* page 14: the security threats and requirement-s- presented in this
document
* page 20: (shown as the key Management Group server block in figure
2 - ) -
* page 22 : GCKS : the signification of this acronym is missing
Ok, fixed that.
Best regards,
Laurence
Laurence Duquerroy
ESA / ESTEC TEC-ETC
Laurence.Duquerroy@esa.int
+31 (0)71 565 6312
Michael