Discussion:
Verifying changes in draft-ietf-sip-certs
Robert Sparks
2010-09-21 18:22:29 UTC
Permalink
All -

The last discuss on draft-ietf-sip-certs has cleared. The draft received a few substantial
changes as a result of IESG evaluation. I'd like folks to look through what's changed before
approving the document.

Please look over draft-ietf-sip-certs-15 and comment before Sep 30.
This diff, in particular, highlights the changes due to IESG evaluation:
<http://tools.ietf.org/rfcdiff?url1=draft-ietf-sip-certs-11&difftype=--hwdiff&submit=Go!&url2=draft-ietf-sip-certs-15>

Thanks,

RjS
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is essentially closed and only used for finishing old business.
Use sip-***@cs.columbia.edu for questions on how to develop a SIP implementation.
Use ***@ietf.org for new developments on the application of sip.
Use ***@ietf.org for issues related to maintenance of the core SIP specifications.
Cullen Jennings
2010-09-21 18:35:29 UTC
Permalink
The main change to the draft is the addition of some stronger crypto - namely AES and SHA256. Deployments can use either SHA1 or SHA256. Given some of the attacks on SHA1 since the time this draft was in started, the security folks feel it is best to have SHA256 as well as SHA1. We also added pointers to other IETF documents that give advice on storing private keys on devices and removed a requirement around the names in self signed certificates as that added no security and reduced which certificates could be used.

Cullen
Post by Robert Sparks
All -
The last discuss on draft-ietf-sip-certs has cleared. The draft received a few substantial
changes as a result of IESG evaluation. I'd like folks to look through what's changed before
approving the document.
Please look over draft-ietf-sip-certs-15 and comment before Sep 30.
<http://tools.ietf.org/rfcdiff?url1=draft-ietf-sip-certs-11&difftype=--hwdiff&submit=Go!&url2=draft-ietf-sip-certs-15>
Thanks,
RjS
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is essentially closed and only used for finishing old business.
Use sip-***@cs.columbia.edu for questions on how to develop a SIP implementation.
Use ***@ietf.org for new developments on the application of sip.
Use ***@ietf.org for issues related to maintenance of the core SIP specifications.
Loading...