ietf
[Top] [All Lists]

SecDir review of draft-ietf-radext-tcp-transport

2010-05-07 14:51:32
I have reviewed this document as part of the security directorate's ongoing 
effort to review all IETF documents being processed by the IESG.  These 
comments were written primarily for the benefit of the security area directors. 
 Document editors and WG chairs should treat these comments just like any other 
last call comments.

This document discussions use of RADIUS over TLS (over TCP).  This document is 
being considered for publication as an Experimental RFC.

This document does not discuss the particulars of how TLS is to be used.  It 
seems left to draft-ietf-radext-radsec, which this document only informatively 
references.  It may be appropriate to elevate the reference to 
draft-ietf-radext-radsec to normative status.

I suggest inclusion of text in the Security Considerations section that 
specifically refer the reader to draft-ietf-radext-radsec for RADIUS over TLS 
specific security considerations, as well as RFC 5246 for general TLS security 
considerations.

Beyond this, I have no security concerns with transport details this I-D 
discusses.

Regards, Kurt
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>
  • SecDir review of draft-ietf-radext-tcp-transport, Kurt Zeilenga <=