draft-ietf-i2rs-protocol-security-requirements-05.txt   draft-ietf-i2rs-protocol-security-requirements-06.txt 
I2RS working group S. Hares I2RS working group S. Hares
Internet-Draft Huawei Internet-Draft Huawei
Intended status: Informational D. Migault Intended status: Informational D. Migault
Expires: November 21, 2016 J. Halpern Expires: November 25, 2016 J. Halpern
Ericsson Ericsson
May 20, 2016 May 24, 2016
I2RS Security Related Requirements I2RS Security Related Requirements
draft-ietf-i2rs-protocol-security-requirements-05 draft-ietf-i2rs-protocol-security-requirements-06
Abstract Abstract
This presents security-related requirements for the I2RS protocol for This presents security-related requirements for the I2RS protocol for
mutual authentication, transport protocols, data transfer and mutual authentication, transport protocols, data transfer and
transactions. transactions.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 21, 2016. This Internet-Draft will expire on November 25, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 10, line 42 skipping to change at page 10, line 42
3) the data is not repeated from some earlier interaction of the 3) the data is not repeated from some earlier interaction of the
protocol. (That is, when both confidentiality and integrity of protocol. (That is, when both confidentiality and integrity of
data is properly protected, it is possible to ensure that data is properly protected, it is possible to ensure that
encrypted data is not modified or replayed without detection.) encrypted data is not modified or replayed without detection.)
SEC-REQ-15: The integrity that the message data is not repeated means SEC-REQ-15: The integrity that the message data is not repeated means
that I2RS client to I2RS agent transport SHOULD protect against that I2RS client to I2RS agent transport SHOULD protect against
replay attack replay attack
Requirements SEC-REQ-14 and SEC-REQ-16 are SHOULD requirements only Requirements SEC-REQ-14 and SEC-REQ-15 are SHOULD requirements only
because it is recognized that some I2RS Client to I2RS agent because it is recognized that some I2RS Client to I2RS agent
communication occurs over a non-secure channel. The I2RS client to communication occurs over a non-secure channel. The I2RS client to
I2RS agent over a secure channel would implement these features. In I2RS agent over a secure channel would implement these features. In
order to provide some traceability or notification for the non-secure order to provide some traceability or notification for the non-secure
protocol, SEC-REQ-16 suggests traceability and notification are protocol, SEC-REQ-16 suggests traceability and notification are
important to include for any non-secure protocol. important to include for any non-secure protocol.
SEC-REQ-16: The I2RS message traceability and notification SEC-REQ-16: The I2RS message traceability and notification
requirements requirements found in [I-D.ietf-i2rs-traceability] and requirements requirements found in [I-D.ietf-i2rs-traceability] and
 End of changes. 5 change blocks. 
5 lines changed or deleted 5 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/