Roman Danyliw has entered the following ballot position for draft-ietf-emu-bootstrapped-tls-08: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-emu-bootstrapped-tls/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- ** Section 1. Thus, the intention is that DPP is the RECOMMENDED mechanism for bootstrapping against Wi-Fi networks, and TLS-POK is the RECOMMENDED mechanism for bootstrapping against wired networks. -- Normative language is being used for [DPP], making it a normative reference -- Why is the EMU WG specifying normative requirement “against Wi-Fi networks” for a standard not specified by the IETF? -- Since normative behavior is being specified for DPP, what are DPP’s security considerations? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- ** Section 2. In this model, physical possession of the device implies legitimate ownership. What does “legitimate ownership” mean in this context? Isn’t it just “physical control of the system”? _______________________________________________ Emu mailing list -- [email protected] To unsubscribe send an email to [email protected]
