MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)
RFC 4738

Note: This ballot was opened for revision 07 and is now closed.

Lars Eggert No Objection

Comment (2006-06-06)
Section 1.1., paragraph 0:

>    The MIKEY protocol [RFC3830] has three different methods for key
>    transport or exchange: a pre-shared key mode (PSK), a public-key
>    (RSA) mode, and an optional Diffie-Hellman exchange (DHE) mode.  In
>    addition, there is also an optional DH-HMAC mode [I-D.ietf-msec-
>    mikey-dhhmac], bringing the total number of modes to four.  The
>    primary motivation for the MIKEY protocol design is low-latency
>    requirements of real-time communication, and thus all the exchanges
>    finish in one-half to 1 round-trip; note that this offers no room for
>    security parameter negotiation of the key management protocol itself.
>    In this document, we note that the MIKEY modes defined in RFC3830
>    [RFC3830] and [I-D.ietf-msec-mikey-dhhmac] are insufficient to
>    address some deployment scenarious and common use cases, and propose
>    a new mode called MIKEY-RSA in Reverse mode, or simply as
>    MIKEY-RSA-R.  This document updates RFC 3830 with the addition of
>    this new mode to that specification.

        NIT: s/scenarious/scenarios/
 

Section 3.7.3., paragraph 2:

>          Type      | Value | Comment
>          -------------------------------------------------------
>          Vendor ID |     0 | Vendor specific byte string
>          SDP IDs   |     1 | List of SDP key mgmt IDs
>                    |       |   (allocated for use in [KMASDP])
>          CSB-ID    |     3 | Responder's modified CSB-ID (group mode)

        Missing Reference: [KMASDP]

(Russ Housley; former steering group member) Yes


(Bill Fenner; former steering group member) No Objection


(Brian Carpenter; former steering group member) No Objection


(Cullen Jennings; former steering group member) (was Discuss) No Objection

No Objection (2006-06-08)
I did not fully understand how this worked in group mode - I believe it works. It's just that the description could use a bit more overview that made it easier to understand.

The document would be better with an example that could be used as test vector.

(Dan Romascanu; former steering group member) No Objection


(David Kessens; former steering group member) No Objection


(Jari Arkko; former steering group member) No Objection


(Jon Peterson; former steering group member) No Objection


(Lisa Dusseault; former steering group member) No Objection


(Magnus Westerlund; former steering group member) No Objection


(Mark Townsley; former steering group member) No Objection


(Ross Callon; former steering group member) No Objection


(Sam Hartman; former steering group member) No Objection


(Ted Hardie; former steering group member) No Objection
