Hello. Regarding proventication. I suggest to avoid this term as I already mentioned in the working group session.
Regarding 4.1.2. I agree that the chain of trust is necessary. But I strongly suggest not to require that the chain of trust has to be identical to the chain of time synchronization. I agree that the security mechanism MUST support an operational mode in which the chain of time synchronization is included in the chain of trust but it should not be mandatory mode. So the requirement is that the security mechanism MUST support an operational mode in which the chain of trust includes the time master in cases where an end-to-end authentication of the master is not possible. Dieter ---------------------------------- Physikalisch-Technische Bundesanstalt Q.42 - Server Administration Bundesallee 100 D-38116 Braunschweig Tel: +49-531-592-84 20 E-Mail: [email protected] Von: Tal Mizrahi <[email protected]> An: "[email protected]" <[email protected]>, Datum: 02.08.2012 18:10 Betreff: [TICTOC] TICTOC Security Requirements Gesendet von: [email protected] Hi, http://tools.ietf.org/html/draft-ietf-tictoc-security-requirements-02 Following this week’s TICTOC meeting: 1. We plan to release draft 03 within a month, and proceed to WG last call. 2. Therefore, I will appreciate if people can send any comments they may have by Aug 22. 3. There was some discussion about the “proventication” requirement. I would like to suggest to change the terminology in the document, since I understand this term is not very popular. However, I believe that the requirement for a chain of trust is still an important and valid requirement. Please comment if you think otherwise. Thanks, Tal. _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
