Skip to main content

Last Call Review of draft-ietf-hokey-arch-design-

Request Review of draft-ietf-hokey-arch-design
Requested revision No specific revision (document currently at 11)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-11-16
Requested 2011-11-08
Authors Glen Zorn , Qin Wu , Tom Taylor , Yoav Nir , Katrin Hoeper , Sebastien Decugis
I-D last updated 2011-11-15
Completed reviews Secdir Last Call review of -?? by Ondřej Surý
Assignment Reviewer Ondřej Surý
State Completed
Request Last Call review on draft-ietf-hokey-arch-design by Security Area Directorate Assigned
Completed 2011-11-15

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

I haven't been following HOKEY at all, so the comments are basically
from innocent bystander who knows as much about EAP as needed to type
the password for WiFi in the 802.1x (and is user of eduroam network).

The HOKEY architectural document seems to be clearly written and can
be understood even by me.  It does not introduce neither any new protocol
nor security issues and is just a summary of existing standards or I-Ds,
so there are no security concerns in this particular document.  Some
security concerns are referenced to other RFCs (Section 7), but they
are just #includes from other documents and not something new introduced
by this document.

One minor nit:

- You suddenly start to use rRK and DSrRK in the tables (4 and 5) in section 5.
It would help readability to explain somewhere what these abbreviations mean.

 OndÅej SurÃ
 vedoucà vÃzkumu/Head of R&D department
 CZ.NIC, z.s.p.o.    --    LaboratoÅe CZ.NIC
 Americka 23, 120 00 Praha 2, Czech Republic



 tel:+420.222745110       fax:+420.222745112