
Re: [PART-I] Gen-ART LC and Telechat Review of draft-ietf-mext-binding-revocation-10

2009-08-27 18:13:32
Ben,

Thanks for your review!

Wrt. authorization, the document does make it clear that bulk revocation requires explicit authorization (search for "authorization"). The document does not say how to achieve this, but I would assume a global configuration flag or a list of authorized peers. We could add this to the document, if you think it helps.

When it comes to non-bulk revocation messages, I'm not sure their requirements are any different from the rest of the signaling. First, the protocol intrinsically enables only the revocation of sessions created by the two parties. Secondly, existing messages can already be used to create and delete sessions from clients -- binding revocation simply adds a capability to do that from the server side as well. Additional requirements for authorization mechanisms could be added here, but I'm not sure it's needed.

Jari
