Last Call Review of draft-ietf-capport-rfc7710bis-04
review-ietf-capport-rfc7710bis-04-secdir-lc-shekh-yusef-2020-05-01-00

Request Review of draft-ietf-capport-rfc7710bis
Requested revision No specific revision (document currently at 11)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2020-05-13
Requested 2020-04-29
Authors Warren "Ace" Kumari, Erik Kline
I-D last updated 2020-05-01
Completed reviews Secdir Last Call review of -04 by Rifaat Shekh-Yusef (diff)
Genart Last Call review of -04 by Stewart Bryant (diff)
Opsdir Last Call review of -04 by Tim Chown (diff)
Iotdir Telechat review of -07 by Suresh Krishnan (diff)
Intdir Telechat review of -07 by Ralf Weber (diff)
Assignment Reviewer Rifaat Shekh-Yusef
State Completed
Request Last Call review on draft-ietf-capport-rfc7710bis by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/kHOP21ffwd-HSKZ2tb-brTthReA
Reviewed revision 04 (document currently at 11)
Result Has issues
Completed 2020-05-01
Since the use of an IP address literal is not forbidden by this document, what if
an attacker with the ability to inject DHCP messages or RAs uses this option
to force the user to contact an IP address of his choosing? In this case, the use
of TLS and presenting the identity in the certificate might not be of much help.

I think this case should be discussed in the security consideration section.