Last Call Review of draft-ietf-tls-dtls-connection-id-11
review-ietf-tls-dtls-connection-id-11-secdir-lc-franke-2021-04-22-00
Request | Review of | draft-ietf-tls-dtls-connection-id |
---|---|---|
Requested revision | No specific revision (document currently at 13) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2021-03-28 | |
Requested | 2021-03-08 | |
Authors | Eric Rescorla , Hannes Tschofenig , Thomas Fossati , Achim Kraus | |
I-D last updated | 2021-04-22 | |
Completed reviews |
Secdir Last Call review of -11
by Daniel Fox Franke
(diff)
Genart Last Call review of -10 by Russ Housley (diff) |
|
Assignment | Reviewer | Daniel Fox Franke |
State | Completed | |
Request | Last Call review on draft-ietf-tls-dtls-connection-id by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/VWDKypN7ptlYRvCh3N5wJb9SAwI | |
Reviewed revision | 11 (document currently at 13) | |
Result | Ready | |
Completed | 2021-04-22 |
review-ietf-tls-dtls-connection-id-11-secdir-lc-franke-2021-04-22-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Apologies for the absolute last-minute review; I overlooked until just now that this had been assigned a telechat date. This document is Ready. I do have some concerns — in particular I think relying on application-layer measures to prevent amplified reflection attacks is a bit dubious — but these have been debated to death already, the issues are well-captured in the document, and I don't think I have anything new to add.