Last Call Review of draft-ietf-tls-encrypt-then-mac-02
review-ietf-tls-encrypt-then-mac-02-opsdir-lc-wijnen-2014-06-24-00
Request | Review of | draft-ietf-tls-encrypt-then-mac |
---|---|---|
Requested revision | No specific revision (document currently at 03) | |
Type | Last Call Review | |
Team | Ops Directorate (opsdir) | |
Deadline | 2014-06-20 | |
Requested | 2014-06-09 | |
Authors | Peter Gutmann | |
I-D last updated | 2014-06-24 | |
Completed reviews |
Genart Last Call review of -02
by Elwyn B. Davies
(diff)
Genart Telechat review of -03 by Elwyn B. Davies Secdir Last Call review of -02 by Paul E. Hoffman (diff) Opsdir Last Call review of -02 by Bert Wijnen (diff) |
|
Assignment | Reviewer | Bert Wijnen |
State | Completed | |
Request | Last Call review on draft-ietf-tls-encrypt-then-mac by Ops Directorate Assigned | |
Reviewed revision | 02 (document currently at 03) | |
Result | Ready | |
Completed | 2014-06-24 |
review-ietf-tls-encrypt-then-mac-02-opsdir-lc-wijnen-2014-06-24-00
The document is aimed for stds track: This document describes a means of negotiating the use of the encrypt-then-MAC security mechanism in place of TLS'/DTLS' existing MAC-then-encrypt one, which has been the subject of a number of security vulnerabilities over a period of many years. I do not see any issues regarding operational or network management aspects. Documents seems ready for publication from my point of view. Bert Wijnen