1. Summary
The document shepherd is Philipp S. Tiesel.
The responsible Area Director is Magnus Westerlund.
The document provides a survey of commonly used or notable network
security protocols, with a focus on how they interact and integrate
with applications and transport protocols. It is intended to guide
APIs that offer both transport services and transport security
services.
Section 3 and 4 complements RFC 8095 in its efforts to catalog
transport services by describing the transport services provided
by security protocols. This survey is not limited to protocols
developed within the scope or context of the IETF, and those
included represent a superset of features a Transport Services
system may need to support.
Sections 4 and 5 complement "draft-ietf-taps-minset": They extend the
minimum feature set for a TAPS system with transport security services
and describe the interfaces required to add security protocols to a
TAPS system.
The intended publication type is Informational, as the document
contains a survey of existing security protocols. Its intended audience
are implementors of transport services APIs based on TAPS agenda
item 3 and 4 that use security protocols and people generally
interested in the features security protocols provide.
2. Review and Consensus
The document was started by a small number of people, but the need for
it has strong consensus. Adopting it took some time as it required
re-chartering the WG to allow summarising security protocols and
defining a set of security-related transport services. The document was
actively discussed on the mailing list and received a considerable
number of reviews, updates, and improvements throughout this process.
An early Secdir review raised concerns against including non-IETF
protocols without stable specification, e.g., Wiregugrd, CurveCP, and
MinimalT, while not describing other popular IETF protocols. The
authors decided to keep these protocols in the document as there have
unique features they wanted to include, and to add the protocols
requested by the Secdir review. The informal criteria for inclusion of
protocols were clarified by the authors established as any new protocol
must either add a new transport feature or be extremely popular. The
wording was adapted to address the concerns.
The WG last call received considerable feedback without major issues
being raised. Last-minute issues raised by the shepherd have been
corrected.
3. Intellectual Property
As this document introduces no new technologies or APIs beyond those
already published, I see no IPR issues.
4. Other Points
There are no normative downward references and no IANA considerations.
The document references two RFCs that have been obsoleted:
- RFC 2385 (TCP MD5): This reference is correct as the mechanism
still exists and is actively used and, therefore, relevant for this document.
- RFC 5246 (TLS 1.2): This reference is necessary, as the document
discusses differences between TLS 1.2 and TLS 1.3 (RFC 8446)
and, therefore, needs to reference the obsolete version.