Authenticated Chunks for the Stream Control Transmission Protocol (SCTP)
draft-ietf-tsvwg-sctp-auth-08
Yes
(Magnus Westerlund)
No Objection
(Bill Fenner)
(Brian Carpenter)
(Cullen Jennings)
(Dan Romascanu)
(David Kessens)
(Jon Peterson)
(Lars Eggert)
(Mark Townsley)
(Ross Callon)
Note: This ballot was opened for revision 08 and is now closed.
Magnus Westerlund Former IESG member
Yes
Yes
()
Unknown
Bill Fenner Former IESG member
No Objection
No Objection
()
Unknown
Brian Carpenter Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Cullen Jennings Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
()
Unknown
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(2007-02-22)
Unknown
Does this document expect a separate shared secret to be configured between all pairs of communicating parties? This may be a big assumption. How does one "using TLS" create such a key? That may be a good approach, but I'm sure details are needed. Is there an IETF policy for defining key management and not just reliance on shared secrets for new protocols?
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
No Objection
No Objection
()
Unknown
Mark Townsley Former IESG member
No Objection
No Objection
()
Unknown
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
(2007-02-19)
Unknown
Section 1 says: > > ... SCTP sender to sign chunks ... > I really dislike this use of "sign." I greatly prefer "authenticate." Since the specification demands that the random value must be exactly 32 octets in length, it would help the reader to say so in Section 3.1.
Ted Hardie Former IESG member
No Objection
No Objection
(2007-02-21)
Unknown
During a private exchange with the authors, it was clarified that this document works with the partial reliability extensions to SCTP. This will be made clear in an upcoming document (add-ip), but I believe it would be useful to add a short informational statement to this document to that effect.