IETF conflict review for draft-morand-http-digest-2g-aka
|Document||Proposed conflict review||draft-morand-http-digest-2g-aka-05 IETF stream Snapshot|
|IESG||Responsible AD||Stephen Farrell|
|Send notices to||"Nevil Brownlee" <email@example.com>, firstname.lastname@example.org|
The IESG has concluded that this work is related to IETF work done in HTTPAUTH, but this relationship does not prevent publishing. IESG Note: Please note that this document is similar to previous specifications on EAP SIM/AKA (RFCs 4186-4187 and 5448) and HTTP Digest AKA (RFC 3310). It is also reminiscent of some work on the generic authentication framework at 3GPP (GBA). When those drafts were there was quite a bit of review of the crypto and protocol details before the specifications were published. It's not clear that that has happened here and it would be good if the 3GPP security group, SA3, reviewed this. Jari's message to the SA3 Chair, Bengt, seems to have stimulated this and it would be best if this review completed prior to publication of this draft. Also, draft-ietf-httpbis-p7-auth will create an registry for HTTP Authentication Schemes. This document will need to indicate that a value needs to be added for this draft in that registry (http://www.iana.org/assignments/http-authschemes).