Crypto-Agility Requirements for Remote Authentication Dial-In User Service (RADIUS)
draft-ietf-radext-crypto-agility-requirements-07
Yes
(Dan Romascanu)
(Jari Arkko)
No Objection
(Adrian Farrel)
(David Harrington)
(Gonzalo Camarillo)
(Pete Resnick)
(Peter Saint-Andre)
(Robert Sparks)
(Ron Bonica)
(Russ Housley)
(Stewart Bryant)
(Wesley Eddy)
Note: This ballot was opened for revision 07 and is now closed.
Dan Romascanu Former IESG member
Yes
Yes
()
Unknown
Jari Arkko Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
()
Unknown
David Harrington Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
()
Unknown
Pete Resnick Former IESG member
No Objection
No Objection
()
Unknown
Peter Saint-Andre Former IESG member
No Objection
No Objection
()
Unknown
Robert Sparks Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Sean Turner Former IESG member
No Objection
No Objection
(2011-07-14)
Unknown
Stephen Farrell Former IESG member
No Objection
No Objection
(2011-07-14)
Unknown
(1) You might want to say that RECOMMENDED is the same as SHOULD where
you define conditional compliance.
(2) Its not entirely clear whether or not protection against bidding
down is a SHOULD or MUST. 4.2 seems to make it a MUST, but 4.3 seems to
open up such an attack ("If a response is not received...a new request
can be composed using legacy mechanisms"). Maybe the latter just
applies when the legacy mechanisms remain unbroken? If so, then
clarifying that might be good.
Stewart Bryant Former IESG member
No Objection
No Objection
()
Unknown
Wesley Eddy Former IESG member
No Objection
No Objection
()
Unknown