Re: [Ace] Erik Kline's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)

Fri, 15 Dec 2023 09:10:00 -0800 

Hello Erik,
Thanks a lot for your review! Please find in line below our detailed replies to your comments. 

A Github PR where we have addressed your comments is available at [PR].


Unless any concern is raised, we plan to soon merge this PR (and the 
other ones related to other received reviews), and to submit the result 
as version -18 of the document.


Thanks,
/Marco

[PR] https://github.com/ace-wg/ace-key-groupcomm/pull/162

On 2023-11-25 06:58, Erik Kline via Datatracker wrote:

Erik Kline has entered the following ballot position for
draft-ietf-ace-key-groupcomm-17: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)



Please refer tohttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4533f012fc994349f11c08dbed7b9d93%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638364887418093160%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vHbTyHVeGaocmEFCYXFyL0T%2F4vDs%2FDELAcEqwg38Co8%3D&reserved=0  
for more information about how to handle DISCUSS and COMMENT positions.



The document, along with other ballot positions, can be found here:
https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-key-groupcomm%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4533f012fc994349f11c08dbed7b9d93%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638364887418093160%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vnmeptAzjldM9fMYQIHI2oKvmfyhsZ8TLMWRJroQGQg%3D&reserved=0



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

# Internet AD comments for draft-ietf-ace-key-groupcomm-17
CC @ekline

* comment syntax:
   
-https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmnot%2Fietf-comments%2Fblob%2Fmain%2Fformat.md&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4533f012fc994349f11c08dbed7b9d93%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638364887418093160%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BS8u7NTGzTHG25Gag53eO9%2FU0%2BzXglNzSkFadkCRQv0%3D&reserved=0

* "Handling Ballot Positions":
   
-https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4533f012fc994349f11c08dbed7b9d93%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638364887418093160%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vBu4zfwRt1CVDYoqTaLiFsZGd%2BjFybp%2BoOQGJD%2B2CHQ%3D&reserved=0

## Comments

### S6

* What is the real meaning behind:

    The KDC can perform a group rekeying before the current group keying
    material expires, unless it is acceptable or there are reasons to
    temporarily pause secure communications in the group, following the
    expiration of the current keying material.

   Specifically: when is it acceptable to "pause secure communications"?


==>MT

We have extended the paragraph as below.

OLD

> The KDC can perform a group rekeying before the current group keying 
material expires, unless it is acceptable or there are reasons to 
temporarily pause secure communications in the group, following the 
expiration of the current keying material.


NEW

> The KDC can perform a group rekeying before the current group keying 
material expires, unless it is acceptable or there are reasons to 
temporarily pause secure communications in the group, following the 
expiration of the current keying material. For example, a pause in the 
group communication might have been scheduled to start anyway when the 
group keying material expires, e.g., to allow maintenance operations on 
the group members. As another example, the KDC might be carrying out a 
verification that some group members are seemingly compromised and to be 
evicted, and this requires to be completed in order to appropriately 
define and schedule the exact rekeying process to perform. As a result, 
the KDC could delay the execution of the group rekeying.


<==







--
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se




Attachment:
OpenPGP_0xEE2664B40E58DA43.asc

Description: OpenPGP public key



Attachment:
OpenPGP_signature.asc

Description: OpenPGP digital signature


_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace






















					Reply via email to