Last Call Review of draft-ietf-eman-rfc4133bis-05
review-ietf-eman-rfc4133bis-05-secdir-lc-roca-2013-02-21-00
| Request | Review of | draft-ietf-eman-rfc4133bis |
|---|---|---|
| Requested revision | No specific revision (document currently at 06) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2013-02-19 | |
| Requested | 2013-01-17 | |
| Authors | Andy Bierman , Dan Romascanu , Juergen Quittek , Mouli Chandramouli | |
| I-D last updated | 2013-02-21 | |
| Completed reviews |
Genart Last Call review of -05
by Brian E. Carpenter
(diff)
Genart Telechat review of -06 by Brian E. Carpenter Secdir Last Call review of -05 by Vincent Roca (diff) |
|
| Assignment | Reviewer | Vincent Roca |
| State | Completed | |
| Review |
review-ietf-eman-rfc4133bis-05-secdir-lc-roca-2013-02-21
|
|
| Reviewed revision | 05 (document currently at 06) | |
| Result | Ready | |
| Completed | 2013-02-21 |
review-ietf-eman-rfc4133bis-05-secdir-lc-roca-2013-02-21-00
Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. -- This document is an update of RFC4311. It therefore inherits, updates and improves the security considerations section of that RFC. This section seems well written and accurate. I just have a small comment. I see there's a wide range of techniques to secure communication with MIBs. This document specifies a Mandatory To Implement solution (USM with AES), mentions a SHOULD support solution (security features of RFC3410), as well as a MAY support approach (TSM with SSH/TLS).That's a lot. I imagine there are good reasons (I don't know the SNMP/MIB domain) to do that... Cheers, Vincent