Skip to main content

Protocol for Carrying Authentication and Network Access (PANA) Threat Analysis and Security Requirements
RFC 4016

Yes

(Thomas Narten)

No Objection

(Alex Zinin)
(Bill Fenner)
(David Kessens)
(Jon Peterson)
(Steven Bellovin)

No Record


Note: This ballot was opened for revision 07 and is now closed.

(Thomas Narten; former steering group member) Yes

Yes ()

                            

(Alex Zinin; former steering group member) No Objection

No Objection ()

                            

(Bill Fenner; former steering group member) No Objection

No Objection ()

                            

(David Kessens; former steering group member) No Objection

No Objection ()

                            

(Jon Peterson; former steering group member) No Objection

No Objection ()

                            

(Steven Bellovin; former steering group member) (was Discuss) No Objection

No Objection ()

                            

(Ted Hardie; former steering group member) No Objection

No Objection (2004-06-23)
No further blocking objections.  Two smaller points:

The draft uses co-located to mean something far beyond "in the same place",
and I'd suggest expanding on the term or looking for another that covers the
ground a bit better.

The "service theft" threat implies a threat to other systems which
is not necessarily present in other threats--someone taking over
another's IP address and MAC may also be authorized by weak
schemes at upper layers that rely on those; further, it opens the
possibility of attempts to take over other existing flows.  This
draft doesn't need to cover that, but some text pointing to the
possibility might be useful

(Russ Housley; former steering group member) No Record

No Record (2004-06-24)
  Please update the Abstract so that it starts with the point of
  the document, rather than the point of the working group. I
  propose:

    This document discusses the threats to protocols used to carry
    authentication for IP network access. The security requirements
    arising out of these threats will be used as additional input to
    the PANA (Protocol for Carrying Authentication for Network Access)
    Working Group for designing the IP-based network access
    authentication protocol.