[AFS3-std] Rx Clear security class
Tom Keiser
tkeiser@sinenomine.net
Mon, 19 Apr 2010 13:31:05 -0400
Hi All,
I released a new version of the Rx Clear security class I-D the other
day. I am hereby soliciting comments on this new version of the
draft.
http://tools.ietf.org/html/draft-tkeiser-rxrpc-sec-clear-02
http://openafs.sinenomine.net/~tkeiser/i-d/draft-tkeiser-rxrpc-sec-clear-02.html
http://openafs.sinenomine.net/~tkeiser/i-d/draft-tkeiser-rxrpc-sec-clear-02.xml
http://openafs.sinenomine.net/~tkeiser/i-d/draft-tkeiser-rxrpc-sec-clear-01-02.xml.diff
The major changes in this version of the document are:
* new introductory section that better explains the relationship
between Rx and AFS-3 so that the document is more approachable for
novices
* additional prose in the security considerations section which better
explains how this security object changes the attack vectors, as well
as a brief mention of securing rxnull/rxclear with IPsec
* flesh out the AFS assigned numbers registrar section with formal
specifications for each newly requested registry
* change the endpoint identifier type enumeration from 32-bits to
8-bits, as the larger size seemed quite wasteful
* mark several security header fields as reserved for future use
* I added a number of informative references to Transarc and CMU ITC
tech reports
As always, any feedback welcomed...
Thanks,
-Tom