Common Open Policy Service (COPS) Over Transport Layer Security (TLS)
draft-ietf-rap-cops-tls-11
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
11 | (System) | post-migration administrative database adjustment to the Yes position for Bert Wijnen |
2005-05-27
|
11 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2005-05-25
|
11 | Amy Vezza | IESG state changed to Approved-announcement sent |
2005-05-25
|
11 | Amy Vezza | IESG has approved the document |
2005-05-25
|
11 | Amy Vezza | Closed "Approve" ballot |
2005-05-25
|
11 | Bert Wijnen | State Changes to Approved-announcement to be sent from Waiting for AD Go-Ahead by Bert Wijnen |
2005-05-25
|
11 | Bert Wijnen | State was "waiting for AD-goahead, coming from IETF Last Call". But doc was on IESG agenda (in Feb 2005) while IETF Last Call was completing. … State was "waiting for AD-goahead, coming from IETF Last Call". But doc was on IESG agenda (in Feb 2005) while IETF Last Call was completing. All discusses cleared now; so doc is approved. |
2005-05-25
|
11 | Bert Wijnen | Status date has been changed to 2005-05-25 from 2005-01-27 |
2005-05-25
|
11 | Bert Wijnen | Note field has been cleared by Bert Wijnen |
2005-05-25
|
11 | Bert Wijnen | [Ballot Position Update] Position for Bert Wijnen has been changed to Yes from Discuss by Bert Wijnen |
2005-02-08
|
11 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2005-02-08
|
11 | (System) | New version available: draft-ietf-rap-cops-tls-11.txt |
2005-02-04
|
11 | (System) | Removed from agenda for telechat - 2005-02-03 |
2005-02-03
|
11 | Sam Hartman | [Ballot comment] Section 9 of rfc 2246 says: In the absence of an application profile standard specifying otherwise, a TLS compliant application MUST … [Ballot comment] Section 9 of rfc 2246 says: In the absence of an application profile standard specifying otherwise, a TLS compliant application MUST implement the cipher suite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA. Are you sure that's the cipher you want to require people to implement? RSA seems more common today. If that's what you want the current text is fine. |
2005-02-03
|
11 | Bert Wijnen | [Ballot discuss] wait for Last Call to finish Need a new revisiosn to address open issues (see RFC-Editor notes) |
2005-02-03
|
11 | Bert Wijnen | [Ballot Position Update] Position for Bert Wijnen has been changed to Discuss from Yes by Bert Wijnen |
2005-02-03
|
11 | Sam Hartman | [Ballot Position Update] New position, No Objection, has been recorded for Sam Hartman by Sam Hartman |
2005-02-03
|
11 | Thomas Narten | [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten |
2005-02-03
|
11 | Michelle Cotton | IANA Follow-up Comments: IANA Note clears questions regarding IANA Actions. |
2005-02-03
|
11 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
2005-02-03
|
11 | Harald Alvestrand | [Ballot comment] Reviewed by Lucy Lynch, Gen-ART No show-stopper comments. Review in document comments. |
2005-02-03
|
11 | Harald Alvestrand | [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand by Harald Alvestrand |
2005-02-03
|
11 | Harald Alvestrand | Review by Lucy Lynch, Gen-ART: This draft falls between "basically ready" and "open issues": This draft is basically ready for publication, but has open issues: … Review by Lucy Lynch, Gen-ART: This draft falls between "basically ready" and "open issues": This draft is basically ready for publication, but has open issues: the document is well written but the AD review has raised a couple of points which the authors have already acknowledged: Bert has already done an excellent in depth review of the IANA related issues: http://ops.ietf.org/lists/rap/rap.2005/msg00000.html and one of the authors has responded with some planned updates: http://ops.ietf.org/lists/rap/rap.2005/msg00001.html so a version 11 document should be forth coming... Note also that the major change from version 9 to 10 was the use of a TLS Integrity object instaed of the previously defined Security ClientSI Object - this leads to a change is proposed staus for another working group document: http://ops.ietf.org/lists/rap/rap.2004/msg00046.html "Just a clarification. Since the draft defines a TLS Integrity object for COPS, the WG is planning on sending the COPS-over-TLS document to the IESG as a Proposed Standard and not Informational as originally planned. -Scott Hahn RAP WG co-chair" You may want to link these two docs in the next cycle. That said, in reviewing "primarily for readability and consistency" this is a well written document. The structure is logical, the level of the definitions is helpful, and the requirements (MUST/SHOULD/etc) are very clear. A pleasure to read. |
2005-02-03
|
11 | Allison Mankin | [Ballot Position Update] New position, No Objection, has been recorded for Allison Mankin by Allison Mankin |
2005-02-03
|
11 | Alex Zinin | [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin |
2005-02-02
|
11 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner |
2005-02-02
|
11 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
2005-02-02
|
11 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded for Jon Peterson by Jon Peterson |
2005-01-31
|
11 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
2005-01-31
|
11 | Russ Housley | [Ballot Position Update] New position, Yes, has been recorded for Russ Housley by Russ Housley |
2005-01-31
|
11 | Michelle Cotton | IANA Last Call Comments: The IANA Considerations section says the following: For the Integrity-TLS object for Client-Type 0, the IANA shall add the … IANA Last Call Comments: The IANA Considerations section says the following: For the Integrity-TLS object for Client-Type 0, the IANA shall add the following Flags value: 0x01 = StartTLS Further values for the Flags field and the reserved field can only be assigned by IETF Consensus rule as defined in [RFC2434]. We are trying to understand how this will be entered into the cops-parameters registry. Is the Integrity-TLS object a new object defined in this document? After looking in the COPS registry, we could not see an existing object with this name. We do see "Message Integrity". Can you please clarify as to where this assignment will go? See: |
2005-01-31
|
11 | Scott Hollenbeck | [Ballot Position Update] New position, No Objection, has been recorded for Scott Hollenbeck by Scott Hollenbeck |
2005-01-27
|
11 | Bert Wijnen | Placed on agenda for telechat - 2005-02-03 by Bert Wijnen |
2005-01-27
|
11 | Bert Wijnen | [Note]: 'IESG: This document is in IETF Last Call, but the I (Bert) wants to get    IESG review comments at Feb 3 … [Note]: 'IESG: This document is in IETF Last Call, but the I (Bert) wants to get    IESG review comments at Feb 3 telechat, so I can try and finsih this    before I go absent for a while. IESG: Pls also note that I already have a set of RFC-Editor notes that need    to be applied to the document.' added by Bert Wijnen |
2005-01-27
|
11 | Bert Wijnen | [Ballot Position Update] New position, Yes, has been recorded for Bert Wijnen |
2005-01-27
|
11 | Bert Wijnen | Ballot has been issued by Bert Wijnen |
2005-01-27
|
11 | Bert Wijnen | Created "Approve" ballot |
2005-01-27
|
11 | (System) | Ballot writeup text was added |
2005-01-27
|
11 | (System) | Last call text was added |
2005-01-27
|
11 | (System) | Ballot approval text was added |
2005-01-27
|
11 | Bert Wijnen | Status date has been changed to 2005-01-27 from 2005-01-24 |
2005-01-27
|
11 | Bert Wijnen | [Note]: 'IESG: This document is in IETF Last Call, but the I (Bert) wants to get IESG review comments at Feb 3 … [Note]: 'IESG: This document is in IETF Last Call, but the I (Bert) wants to get IESG review comments at Feb 3 telechat, so I can try and finsih this before I go absent for a while. IESG: Pls also note that I already have a set of RFC-Editor notes that need to be applied to the document.' added by Bert Wijnen |
2005-01-25
|
11 | Amy Vezza | Last call sent |
2005-01-25
|
11 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2005-01-24
|
11 | Bert Wijnen | AD review ----Original Message----- From: Wijnen, Bert (Bert) Sent: Tuesday, January 25, 2005 00:22 To: Hahn, Scott; Rap-wg (E-mail) Cc: Kulkarni, Amol; Walker, Jesse Subject: … AD review ----Original Message----- From: Wijnen, Bert (Bert) Sent: Tuesday, January 25, 2005 00:22 To: Hahn, Scott; Rap-wg (E-mail) Cc: Kulkarni, Amol; Walker, Jesse Subject: AD review of: draft-ietf-rap-cops-tls-10.txt Here is my AD review. 1. References and citation issues !! Missing Reference for citation: [RFC2753] P003 L012: Server. See [RFC2753]. P003 L014: Client. See [RFC2753]. !! Missing citation for Informative reference: P010 L055: [RFC3207] Hoffman, P., "SMTP Service Extension for Secure SMTP !! Missing citation for Normative reference: P010 L031: [RFC2026] Bradner, S., "The Internet Standards Process - Revision !! Missing Reference for citation: [RFC3667] P001 L015: of section 3 of RFC 3667 [RFC3667]. By submitting this Internet- For the last one, you should not have a citation on the front page. so citation can just be removed. 2. I wonder about sect 4.1 and the IANA COnsiderations. Does sect 4.1 not describe another C-NUM C-Type combinations (namely C-NUM-16 and C-Type =2) that should be added to the registry at http://www.iana.org/assignments/cops-parameters where it now shows c-num c-type Description Reference ------ ------ ------------------------- --------- 0x01 0x01 Handle [RFC2748] .... snip ... 0x10 0x01 Message Integrity [RFC2748] It seems to we need to ask to add 0x10 0x02 Message Integrity, Integrity-TLS [RFCxxxx] 3. Sect 4.2 For error code 13 I see that RFC2748 explains the content of the sub-code. Unfortunately such is not recorded in the http://www.iana.org/assignments/cops-parameters For error code 15, you seem to be newly defining what goes in the sub-code. Is that something that needs to be registered? I am not sure myself. Can't say that rfc2748 is very clear on that. The last para of IANA COnsiderations in RFC2748 seems to say we must do so? 4. Sect 5.1 It is not clear to me if the Client-Accept in RFC2748 sect 3.7 is obsoleted, or if this doc just adds another form of the Client-Accept message. I think it is the latter, but would like to see it explicitly spelled out. If it is indeed an additional form, then the abstract is not explicit at that either. I am requesting an IETF Last Call now. So pls do not submit a new revision yet. Let me know your reaction to the above asap. Thanks, Bert |
2005-01-24
|
11 | Bert Wijnen | Status date has been changed to 2005-01-24 from 2004-12-31 |
2005-01-24
|
11 | Bert Wijnen | State Changes to Last Call Requested from AD Evaluation by Bert Wijnen |
2004-12-31
|
11 | Bert Wijnen | State Changes to AD Evaluation from Publication Requested by Bert Wijnen |
2004-12-31
|
11 | Bert Wijnen | Status date has been changed to 2004-12-31 from 2004-11-04 |
2004-12-10
|
11 | Dinara Suleymanova | State Changes to Publication Requested from AD is watching by Dinara Suleymanova |
2004-12-10
|
11 | Dinara Suleymanova | Intended Status has been changed to Proposed Standard from Informational |
2004-12-02
|
10 | (System) | New version available: draft-ietf-rap-cops-tls-10.txt |
2004-11-04
|
11 | Bert Wijnen | Comments received from Security ADs. Checking with WG chair and (main) author. I also need to know what the intended target is (stds track or … Comments received from Security ADs. Checking with WG chair and (main) author. I also need to know what the intended target is (stds track or informational) |
2004-11-04
|
11 | Bert Wijnen | State Change Notice email list have been change to amol.kulkarni@intel.com, scott.hahn@intel.com from |
2004-11-04
|
11 | Bert Wijnen | Status date has been changed to 2004-11-04 from 2004-08-31 |
2004-09-27
|
09 | (System) | New version available: draft-ietf-rap-cops-tls-09.txt |
2004-08-31
|
11 | Bert Wijnen | -----Original Message----- From: Wijnen, Bert (Bert) Sent: Tuesday, August 31, 2004 18:44 To: Kulkarni, Amol; Hahn, Scott Cc: Rap-wg (E-mail) Subject: AD review: draft-ietf-rap-cops-tls-08.txt submission … -----Original Message----- From: Wijnen, Bert (Bert) Sent: Tuesday, August 31, 2004 18:44 To: Kulkarni, Amol; Hahn, Scott Cc: Rap-wg (E-mail) Subject: AD review: draft-ietf-rap-cops-tls-08.txt submission Here is what I found 1. Sect 4.1, it is unclear what kind of field the FLAGS field is is it a bitmask? an Unsigned16, or what? If a bit field, which bit indicates the TLS flag? I also wonder if the flag would not be better called StartTLS, but that is a nit. 2. Same sect 4,1 Also, I guess the ///// field is a reserved field? If so, I would make that clear, and I would state that it must be set to zero in transmit and be ignored on receipt. 3. I had this comment/question back inmarch of this year as well and have not yet seen a response: Section 7 states that the non-well-know port needs to be communicated by the server to the client. But it does not explain how. Am I missing something here? 4. You may want to add to the IANA considerations section that the registry is located at: http://www.iana.org/assignments/cops-parameters That is where they are supposed to add the error code. 5. Assigning value 16 as an error code is something that the WG should not do. The proper procedure is to mark it as a error-code-TBD-by-IANA and then ask IANA to assign and then RFC-Editor will fill in the numbers. I am not aware that other on-going work is taking place in this area, so the risk for conflicts is probably low. 6. I also still wonder: that StartTLS ClientSI object... who controls assignment of additional flags in the future? x. You are now (changing) defining protocol messages for COPS. In sect 5 you change the ClientAccept. So I wonder: - does this doc UPDATE RFC2748 as a result? it seems to me it does and so it should state so and mention so in the abstract if we indeed agree - if we define protocol extensions to RFC2748, should this not be a stds track document instead of informational Certainly if it updates 2748, it should be stds track I think. - The fact that this document fills in the "how to" for the last para in the security considerations section of RFC2748 may be another reason to make this stds track. admin nits. - There should be no reference to RFC2026, nor should their be a citation in the front matter. See www.ietf.org/ID-Checklist.html sect 2.1 item 7. - If you do do a respin, better use the text from RFC3667/3668 anyway. Thanks, Bert |
2004-08-31
|
11 | Bert Wijnen | Ad is checking with author and WG chair what kind of IPR claim has been submitted (doc claims there has been one submitted). |
2004-08-31
|
11 | Bert Wijnen | AD is checking with Security folk if new revision is acceptable from a security point of view. |
2004-08-31
|
11 | Bert Wijnen | Status date has been changed to 2004-08-31 from 2004-03-25 |
2004-08-26
|
08 | (System) | New version available: draft-ietf-rap-cops-tls-08.txt |
2004-03-25
|
11 | Bert Wijnen | Besides the AD review (as per below) I am also checking with Security ADs. -----Original Message----- From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com] Sent: donderdag … Besides the AD review (as per below) I am also checking with Security ADs. -----Original Message----- From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com] Sent: donderdag 25 maart 2004 22:14 To: jesse.walker@intel.com Cc: Rap-wg (E-mail) Subject: AD review of: draft-ietf-rap-cops-tls-07.txt Took a while.. but I did find some time to do AD evaluation of this document. 1. In sect 3.2.1 you talk about Protocol and Flags. How does this fit into the ClientSI object defined in RFC2748. Is this something needs to be addressed/described in IANA Considerations? Where should IANA register this? How are future assignments to be made? For protocols? for flags? 2. In sect 3.2.2 you define new sub-error codes. How does that fit into the definition of RFC2748? Are the sub-error codes zero by default? ANyway, this needs more explanation in IANA considerations as to how/where IANA needs to put these new assignments and how future values can be allocated, no? 3. Section 7 states that the non-well-know port needs to be communicated by the server to the client. But it does not explain how. Am I missing something here? 4. You may want to add IPR and copyright notices as per RFCs3667/8/9 Thanks, Bert |
2004-03-25
|
11 | Bert Wijnen | Status date has been changed to 2004-03-25 from 2003-12-12 |
2004-03-25
|
11 | Bert Wijnen | Security Advisor tells me that the document is now acceptable |
2003-11-26
|
07 | (System) | New version available: draft-ietf-rap-cops-tls-07.txt |
2003-05-27
|
06 | (System) | New version available: draft-ietf-rap-cops-tls-06.txt |
2003-02-07
|
05 | (System) | New version available: draft-ietf-rap-cops-tls-05.txt |
2002-07-03
|
04 | (System) | New version available: draft-ietf-rap-cops-tls-04.txt |
2002-04-18
|
03 | (System) | New version available: draft-ietf-rap-cops-tls-03.txt |
2001-10-18
|
02 | (System) | New version available: draft-ietf-rap-cops-tls-02.txt |
2001-09-10
|
01 | (System) | New version available: draft-ietf-rap-cops-tls-01.txt |
2001-02-28
|
00 | (System) | New version available: draft-ietf-rap-cops-tls-00.txt |