Reviewer: Mohit Sethi Review result: Ready with Nits This document provides a summary of common security protocols. It then discusses the interfaces that exist between applications and security protocols as well as security protocols and transport services.
Major issues: The document header says that this document is about interfaces between security protocols and transport services. Yet, later on, I find that the document is also discussing the interfaces between security protocols and applications. Perhaps you could add 'applications' to the title -> 'Interaction Between Applications, Security Protocols, and Transport Services' Editorial issues: - Instead of saying 'This protocol obsoletes TCP MD5 "signature" options', can we say 'TCP-AO obsoletes....' to avoid confusion of what is 'this' - Please expand 'and IPsec AH [RFC4302]' -> IP Authentication Header - Are you talking about cryptographic agility here 'security protocols: confidentiality, privacy protections, and agility.' ? - Consider changing 'interface surface exposed '-> interface exposed by'. Otherwise it sounds too similar to attack surface exposed. - Expand EAP and reference RFC3748. - Perhaps you could say that Source Address Validation (SAV) to prevent DoS is relevant for protocols that use unreliable transport? _______________________________________________ Taps mailing list [email protected] https://www.ietf.org/mailman/listinfo/taps
