Hi Mohit, Thanks for the review! You can find an updated version of the document here:
https://ietf-tapswg.github.io/draft-ietf-taps-transport-security/draft-ietf-taps-transport-security.html <https://ietf-tapswg.github.io/draft-ietf-taps-transport-security/draft-ietf-taps-transport-security.html> Regarding the title, we believe that the current version is correct, since "Transport Services” itself is about the interaction between apps and transport protocols; thus by adding security to the mix, we are still referring to the interface to applications. More importantly, the authors believe that the first sentence of the abstract does indicate this clearly: "This document provides a survey of commonly used or notable network security protocols, with a focus on how they interact and integrate with applications and transport protocols.” We did incorporate the editorial points you brought up. Thanks for pointing those out! Thanks, Tommy > On Apr 2, 2020, at 5:03 AM, Eric Vyncke (evyncke) > <[email protected]> wrote: > > Thank you Mohit for the review. > > I will take it into account for my ballot position. > > Regards > > -éric > > -----Original Message----- > From: Iot-directorate <[email protected]> on behalf of Mohit > Sethi via Datatracker <[email protected]> > Reply-To: Mohit Sethi <[email protected]> > Date: Wednesday, 1 April 2020 at 12:45 > To: "[email protected]" <[email protected]> > Cc: "[email protected]" <[email protected]>, > "[email protected]" > <[email protected]>, "[email protected]" > <[email protected]> > Subject: [Iot-directorate] Iotdir telechat review of > draft-ietf-taps-transport-security-11 > > Reviewer: Mohit Sethi > Review result: Ready with Nits > > This document provides a summary of common security protocols. It then > discusses the interfaces that exist between applications and security > protocols > as well as security protocols and transport services. > > Major issues: The document header says that this document is about > interfaces > between security protocols and transport services. Yet, later on, I find > that > the document is also discussing the interfaces between security protocols > and > applications. Perhaps you could add 'applications' to the title -> > 'Interaction > Between Applications, Security Protocols, and Transport Services' > > Editorial issues: > - Instead of saying 'This protocol obsoletes TCP MD5 "signature" options', > can > we say 'TCP-AO obsoletes....' to avoid confusion of what is 'this' - Please > expand 'and IPsec AH [RFC4302]' -> IP Authentication Header - Are you > talking > about cryptographic agility here 'security protocols: confidentiality, > privacy > protections, and agility.' ? - Consider changing 'interface surface > exposed '-> > interface exposed by'. Otherwise it sounds too similar to attack surface > exposed. - Expand EAP and reference RFC3748. - Perhaps you could say that > Source Address Validation (SAV) to prevent DoS is relevant for protocols > that > use unreliable transport? > > > -- > Iot-directorate mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/iot-directorate > > > -- > last-call mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/last-call
_______________________________________________ Taps mailing list [email protected] https://www.ietf.org/mailman/listinfo/taps
