I have uploaded a new version of the TLSTM document. This version clarifies the 
process to update the SNMP-TLSTM registry and clearly indicates the existing 
assignments while prohibiting the use of 'none', 'md5', and 'sha1'. 

The only open issue at this time is the following paragraph:
> In addition, a new entry MUST be added to the SNMP-TLSTM HashAlgorithm 
> Registry every time a new hash algorithm is approved for any version of TLS 
> or DTLS. A separate entry MUST NOT be created when an existing hash algorithm 
> is used as a part of a new (D)TLS cipher suite.

The question is whether this creation of entries in the table should be 
automatic or not based on adoption in TLS. At IETF 113, I believe there was a 
request to include this requirement but Jurgen Schonwalder suggested that we 
should only add values when there is a known need. I can see the argument 
either way; however, I note that the current TLS cipher suite list is quite 
long and requiring IANA to determine when a cipher suite contains a new hash 
algorithm might be more than a strictly administrative process (I am guessing 
that the IANA people involved could probably do this, but that is a guess as I 
do not know who they are and this might change over time?). So after further 
review, I am leaning towards removing this paragraph unless I hear objections 
from the group. Of course, any time that a new algorithm is needed, it can be 
requested through the expert review process.

NOTE: Once it was uploaded, I also noted a couple of typos that I will fix in 
the next version:
The text "Table 1:" is duplicated in the caption
The last two rows should have a description of "reserved" and "private" with a 
blank "Recommended" value rather than "none" and "N"


Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-936-647-1910
+1-571-331-5670 cell
kvau...@trevilon.com
www.trevilon.com

> On May 16, 2022, at 12:15 PM, IETF I-D Submission Tool 
> <idsubmiss...@ietf.org> wrote:
> 
> 
> Hi,
> 
> The IETF datatracker draft submission service has received your draft
> draft-ietf-opsawg-tlstm-update-04, and requires a
> confirmation step in order to be able to complete the posting of
> the draft.
> Please follow this link to the page where you can confirm the posting:
> 
> https://datatracker.ietf.org/submit/status/126220/confirm/3f07733edea0cb076e0aa4aca0463d94/
> 
> 
> Best regards,
> 
>       The IETF Secretariat
>       through the draft submission service

_______________________________________________
OPSAWG mailing list
OPSAWG@ietf.org
https://www.ietf.org/mailman/listinfo/opsawg
