At Tue, 14 Feb 2017 10:27:39 -0800, Kathleen Moriarty wrote: > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for your work on this draft. The first question is more of a nit, > the second is more important. > > Section 9.1 > I suggest saying man-in-the-middle instead of monkey-in-the-middle as we > use the latter typically in documents and I don't think there's anything > particularly unique to a monkey-in-the-middle attack, but correct me if I > am wrong. I think it's just an alternate name for man-in-the-middle as > result of Dug Song's tool sniff on monkey.org. If monkey-in-the-middle > is important for some reason, could you include a reference?
Authors are unrepentant middle-aged hippies who prefer to avoid gratuitously sexist language even when it is traditional. > Section 9.3 > Why isn't MD5 deprecated or discouraged more in this section? Unchanged from RFC 6810, as, sadly, is the implementation status of better channel security mechanisms on the relevant platforms. Since we have no realistic hope of belling that particular cat anytime soon, we did not think it productive to reopen that discussion. See discussion of Transport Security in Security Considerations. _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
