[OPSAWG] Christian's review of draft-mm-wg-effect-encrypt-13

2017-12-04 Thread Christian Huitema
services, which do not appear to be based on any IETF standard. I think the document would be stronger if some of the content of section 7 was moved to the appropriate part of section 2, and if the speculative statements were published as a separate document. 8.  Response to Increased Encryption and Looking Forward Looks reasonable. -- Christian Huitema ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] Secdir early review of draft-ietf-opsawg-sbom-access-09

2022-09-16 Thread Christian Huitema
enough, and I also don't know whether the manufacturer should be the sole source of this information. But it is certainly better than not publishing the information. -- Christian Huitema On 9/15/2022 10:45 PM, Eliot Lear wrote: Hi Christian, Thanks for your review.  To summariz

Re: [OPSAWG] Secdir early review of draft-ietf-opsawg-sbom-access-09

2022-09-29 Thread Christian Huitema
mize the potential threat: "some data nodes" (how many? just a few?), "may be considered sensitive" (but perhaps the authors doubt it?), "in some network environments" (which ones? just a few?). I would really like to read something more direct. -- Christian Huit

Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

2024-02-28 Thread Christian Huitema
triggers some intrusion detection system. This is really no different than a rogue device generating a random MUD URL.  Similarly, I would prefer not to restate the security considerations of RFC 8520, but simply reference them. Yes. As I said, it is a mild attack, and yes it

Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

2024-02-28 Thread Christian Huitema
On 2/28/2024 2:15 AM, Eliot Lear wrote: Hi Christian, Just on this point: On 28.02.2024 10:05, Christian Huitema wrote: How do you know that a specific URL is a rollback? It looks easy when the example says "revision1" and "revision2", but I am sure there are cases w

Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

2024-02-29 Thread Christian Huitema
hat this scales as the number of device types, not the number of devices, times the number of valid URL revisions per type, not the number of attack URLs. So, you are right, this should be manageable. I did approve your PR on GitHub. -- Christian Huitema

Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

2024-02-29 Thread Christian Huitema
hear from you soonish if you are happy or unhappy with these changes, and I'll post a new version on Friday March 1. I did approve those changes in GitHub. The draft looks better now... Once you have a version N+1, I will update my review. But I am not sure I can do this befo

Re: [OPSAWG] [Last-Call] Secdir telechat review of draft-ietf-opsawg-mud-acceptable-urls-11

2024-04-02 Thread Christian Huitema
. On 4/2/2024 11:56 AM, Christian Huitema via Datatracker wrote: Reviewer: Christian Huitema Review result: Ready acceptable-urls-10-secdir-lc-huitema-2024-02-19/), I made a number of recommendations. One of the first recommendations was to clarify whether the distinction between "small ch

Re: [OPSAWG] Christian's review of draft-mm-wg-effect-encrypt-13

2018-01-19 Thread Christian Huitema
s this does not appear as an endorsement of the various atrocities described in the draft... -- Christian Huitema

Re: [OPSAWG] Christian's review of draft-mm-wg-effect-encrypt-13

2018-01-31 Thread Christian Huitema
'll respond on list when we get to this set of comments. >> >> Best regards, >> Kathleen >> >> On Mon, Dec 4, 2017 at 11:23 AM, Christian Huitema >> wrote: >>> The high level summary is that draft-mm-wg-effect-encrypt version 13 is >>> significantly

[OPSAWG] Christian's review of draft-mm-wg-effect-encrypt-22

2018-02-24 Thread Christian Huitema
ould go on with more detailed feedback, but I want to keep this review short, and maybe I am suffering a bit from review fatigue. My final point is that there are quite a few typos in the draft. Please run a spell checker and fix them. -- Ch

Re: [OPSAWG] [Last-Call] Secdir last call review of draft-ietf-opsawg-model-automation-framework-06

2020-10-05 Thread Christian Huitema
On 10/5/2020 1:02 AM, mohamed.boucad...@orange.com wrote: > Hi Christian, > > Thank you for the review. > > Please see inline. > > Cheers, > Med > >> -----Original Message- >> From: Christian Huitema via Datatracker [mailto:nore...@ietf.org]

[OPSAWG] Secdir early review of draft-ietf-opsawg-sbom-access-09

2022-09-15 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Has Issues This is an early review of this document by the Security Directorate, as requested by the WG. The document is well written, but in my opinion the security section needs a bit of work. The document proposes to have devices publish a software

[OPSAWG] Secdir last call review of draft-ietf-opsawg-service-assurance-architecture-11

2022-11-20 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Has Nits I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document ed

[OPSAWG] Secdir telechat review of draft-ietf-opsawg-service-assurance-architecture-12

2022-12-20 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Ready My review of version 11 of this draft was making a number of suggestions. These suggestions have largely been addressed in the version 12 of the draft: * The risk caused by compromised agents is addressed by setting permissions according to [I

[OPSAWG] Secdir last call review of draft-ietf-opsawg-sbom-access-14

2023-03-08 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Ready I have reviewed the changes between draft-09, which I reviewed in September 2022, and draft-14, the most recent version. The main concern expressed in my review was that "defense at scale" might also enable "attack at scale".

[OPSAWG] Secdir last call review of draft-ietf-opsawg-mud-acceptable-urls-10

2024-02-19 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Has Issues Mud URL I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Doc

[OPSAWG] Secdir telechat review of draft-ietf-opsawg-mud-acceptable-urls-11

2024-04-02 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Ready acceptable-urls-10-secdir-lc-huitema-2024-02-19/), I made a number of recommendations. One of the first recommendations was to clarify whether the distinction between "small changes" and "big changes" was really necessary, an

[OPSAWG] Secdir last call review of draft-ietf-opsawg-model-automation-framework-06

2020-10-03 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Has Issues The document proposes an architecture for describing and provisioning services such as L3VPN or L2VPN. This is an ambitious architecture, aiming at providing end-to-end services over concatenations of network services provided by independent

[OPSAWG] Secdir telechat review of draft-ietf-opsawg-model-automation-framework-10

2020-10-26 Thread Christian Huitema via Datatracker
Reviewer: Christian Huitema Review result: Ready I have reviewed the differences between the recent draft-10 and draft-06 that I reviewed previously. Draft-10 includes the changes suggested during the discussion of my previous review with authors. The document is ready