[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft-ietf-ipdvb-sec-req-09 passed for publication as an RFC - corrections.

To: ipdvb@erg.abdn.ac.uk
Subject: draft-ietf-ipdvb-sec-req-09 passed for publication as an RFC - corrections.
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Date: Tue, 03 Feb 2009 22:09:53 +0000
Organization: The University of Aberdeen is a charity registered in Scotland, No SC013683.
Reply-to: ipdvb@erg.abdn.ac.uk
Sender: owner-ipdvb@erg.abdn.ac.uk
User-agent: Thunderbird 2.0.0.19 (Macintosh/20081209)

The security requirements document has been passed by IESG forpublication as an RFC.


The authors received comments during the Gen-ART review and also from
the IESG, relating to the interoperability of the different mechanisms
and specifically asking for guidance for implementors. The proposed

changes below are in response to these comments. These changes alsoaddress IESG comments on the use of security databases in the Appendix.

If accepted, these will be included in the published RFC. Please let thelist (or me) know if you have any comments on these amendments. If I donot receive feedback by the 6th February, these will be passed to theRFC Editor.


Best wishes,

Gorry Faihurst
(ipdvb Chair)

---


In Abstract:

OLD:
    The MPEG-2 standard defined by ISO 13818-1 supports a range of
    transmission methods for a range of services.
                               ^^^^^
NEW:
    The MPEG-2 standard defined by ISO 13818-1 supports a range of
    transmission methods for a variety of services.
                               ^^^^^^^

In Section 5, para 2, please update text by adding new text at the
end of the paragraph:

OLD:
    Security services may be grouped into profiles based on security
    requirements, e.g. a base profile (with payload encryption and
    identity protection), and a second profile that extends this to
    also provide source authentication and protection against replay
    attacks.
            ^

NEW:
    Security services may be grouped into profiles based on security
    requirements, e.g. a base profile (with payload encryption and
    identity protection), and a second profile that extends this to
    also provide source authentication and protection against replay
    attacks. Although the use of specific security techniques is
    optional, it is RECOMMENDED that receiver devices should
    implement all the techniques in Reqs 2-5 of section 4,
    to ensure interoperability of all profiles.

In appendix A1.2. Please replace paragraph:

OLD:
    The design of these two databases may be based on IPsec
    databases as defined in RFC4301 [RFC4301].

NEW:
     While traditionally link layer security has operated using
     simple policy mechanisms, it is envisaged that ULE security
     should provide flexibility comparable to IPsec. the above
     design is based on the two databases defined for IPsec [RFC4301].
     These databases could be used to implement either simple
     policies (as in traditional link security services) or more
     complex policies (as in IPsec).

--

Next by Date: Returned mail: see transcript for details
Next by thread: Returned mail: see transcript for details
Index(es):
- Date
- Thread