Protocol for Carrying Authentication and Network Access (PANA) Threat Analysis and Security Requirements
draft-ietf-pana-threats-eval-07
Yes
(Thomas Narten)
No Objection
(Alex Zinin)
(Bill Fenner)
(David Kessens)
(Jon Peterson)
(Steven Bellovin)
No Record
Note: This ballot was opened for revision 07 and is now closed.
Thomas Narten Former IESG member
Yes
Yes
()
Unknown
Alex Zinin Former IESG member
No Objection
No Objection
()
Unknown
Bill Fenner Former IESG member
No Objection
No Objection
()
Unknown
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Steven Bellovin Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Ted Hardie Former IESG member
No Objection
No Objection
(2004-06-23)
Unknown
No further blocking objections. Two smaller points: The draft uses co-located to mean something far beyond "in the same place", and I'd suggest expanding on the term or looking for another that covers the ground a bit better. The "service theft" threat implies a threat to other systems which is not necessarily present in other threats--someone taking over another's IP address and MAC may also be authorized by weak schemes at upper layers that rely on those; further, it opens the possibility of attempts to take over other existing flows. This draft doesn't need to cover that, but some text pointing to the possibility might be useful
Russ Housley Former IESG member
No Record
No Record
(2004-06-24)
Unknown
Please update the Abstract so that it starts with the point of
the document, rather than the point of the working group. I
propose:
This document discusses the threats to protocols used to carry
authentication for IP network access. The security requirements
arising out of these threats will be used as additional input to
the PANA (Protocol for Carrying Authentication for Network Access)
Working Group for designing the IP-based network access
authentication protocol.