Last Call Review of draft-ietf-capport-rfc7710bis-04
review-ietf-capport-rfc7710bis-04-secdir-lc-shekh-yusef-2020-05-01-00
| Request | Review of | draft-ietf-capport-rfc7710bis |
|---|---|---|
| Requested revision | No specific revision (document currently at 11) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2020-05-13 | |
| Requested | 2020-04-29 | |
| Authors | Warren "Ace" Kumari , Erik Kline | |
| Draft last updated | 2020-05-01 | |
| Completed reviews |
Secdir Last Call review of -04
by
Rifaat Shekh-Yusef
(diff)
Genart Last Call review of -04 by Stewart Bryant (diff) Opsdir Last Call review of -04 by Tim Chown (diff) Iotdir Telechat review of -07 by Suresh Krishnan (diff) Intdir Telechat review of -07 by Ralf Weber (diff) |
|
| Assignment | Reviewer | Rifaat Shekh-Yusef |
| State | Completed | |
| Review |
review-ietf-capport-rfc7710bis-04-secdir-lc-shekh-yusef-2020-05-01
|
|
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/kHOP21ffwd-HSKZ2tb-brTthReA | |
| Reviewed revision | 04 (document currently at 11) | |
| Result | Has Issues | |
| Completed | 2020-05-01 |
review-ietf-capport-rfc7710bis-04-secdir-lc-shekh-yusef-2020-05-01-00
Since the use of IP address literal is not forbidden by this document, what if an attacker with the ability to inject DHCP messages or RAs uses this option to force the user to contact an IP address of his choosing? In this case, the use of TLS and presenting the identity in the certificate might not be of much help. I think this case should be discussed in the security consideration section.