Last Call Review of draft-ietf-tls-encrypt-then-mac-02
review-ietf-tls-encrypt-then-mac-02-opsdir-lc-wijnen-2014-06-24-00
| Request | Review of | draft-ietf-tls-encrypt-then-mac |
|---|---|---|
| Requested revision | No specific revision (document currently at 03) | |
| Type | Last Call Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2014-06-20 | |
| Requested | 2014-06-09 | |
| Authors | Peter Gutmann | |
| I-D last updated | 2014-06-24 | |
| Completed reviews |
Genart Last Call review of -02
by Elwyn B. Davies
(diff)
Genart Telechat review of -03 by Elwyn B. Davies Secdir Last Call review of -02 by Paul E. Hoffman (diff) Opsdir Last Call review of -02 by Bert Wijnen (diff) |
|
| Assignment | Reviewer | Bert Wijnen |
| State | Completed | |
| Request | Last Call review on draft-ietf-tls-encrypt-then-mac by Ops Directorate Assigned | |
| Reviewed revision | 02 (document currently at 03) | |
| Result | Ready | |
| Completed | 2014-06-24 |
review-ietf-tls-encrypt-then-mac-02-opsdir-lc-wijnen-2014-06-24-00
The document is aimed for stds track: This document describes a means of negotiating the use of the encrypt-then-MAC security mechanism in place of TLS'/DTLS' existing MAC-then-encrypt one, which has been the subject of a number of security vulnerabilities over a period of many years. I do not see any issues regarding operational or network management aspects. Documents seems ready for publication from my point of view. Bert Wijnen