Kathleen Moriarty <kathleen.moriarty.i...@gmail.com> writes: > Thanks for your work on this draft and experiment. I just have one > comment that I don't think has been mentioned already. In section 4, > could you include reference to Opportunistic security, RFC7435. The > definition has changed slightly over time and it would be good to link > this to the current definition that is intended. The work on 7435 was > painstaking and the definition varies a bit in older specs. I do > realize you describe this more in the security considerations section, > but it is much later in the document, so this seemed like an easy fix.
Would you be okay if we cited RFC7435 in the security considerations section (10), rather than section 4? My issue is that the term "opportunistic security" entails some subjective judgment (like the fact that it is a form of security) that requires some context I don't really want to get into at the beginning of Section 4. Section 4 is trying to be an objective specification of what the protocol does with just the minimal rationale necessary for it to make sense. The security considerations section already gets into detail about security, which is why RFC7435 would seem to fit well there. Thanks, David _______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
