> On 4.12.2015, at 18.51, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > Thanks for addressing my discuss about the options for > using DTLS. Sorry for being slow with this ballot update. > > The comments below are old, I didn't check if you've > made related changes. Happy to chat about that if you > want, (or not if you prefer not:-) > > - I agree with Kathleen's discuss that the implementation > requirements for DTLS need to be clarified, hopefully (from my > POV) to make that MTI but I'll leave that discussion to the > other thread.
We did some text clarification on this I believe in -10. > -Section 9: You should refer to HKDF and not HMAC-SHA256 though > the reference to RFC 6234 is still right. HMAC-SHA256 itself > is not a key derivation function, which is what you want here. Fixed in -10 (really sad failure on my part :-p) > - Please take a look at the secdir review [1] and respond to > that as it raises one issue not (I think) otherwise mentioned. > What is the effect (on a home) of one compromised hncp router? > Perhaps you'll say that's obvious, or perhaps not, but I'm > interested in what you do say, in case it's not obvious:-) There's text about that in the security considerations, I believe. (Pointer in the -09 DISCUSS thread IIRC). Cheers, -Markus _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet