Yes, sorry about that - it is for the draft-c1222 .../Magnus On Sun, Jun 27, 2010 at 2:44 PM, Paul Hoffman wrote: > Given that I have made this same copy-and-paste error in the past: this review is for draft-c1222-transport-over-ip, not the one in the Subject: line. > > At 10:31 AM -0700 6/27/10, Magnus Nyström wrote: >>I have reviewed this document as part of the security directorate's >>ongoing effort to review all IETF documents being processed by the >>IESG.  These comments were written primarily for the benefit of the >>security area directors.  Document editors and WG chairs should treat >>these comments just like any other last call comments. >> >>This document defines a framework for transporting ANSI C12.22 >>advanced metering infrastructure (AMI) messages on IP networks. >> >>AMI is intended for interaction with various types of utility meters; >>as such, it is clear that security services such as data authenticity, >>integrity and confidentiality will be quite important.  This draft >>defers to ANSI C12.22 for application-layer security and states that >>any transport (or IP) network layer security security functionality >>shall act "only to enhance and preserve [and] ... not be a substitute >>for ... ANSI C12.22 ... security provisions." This is all good but I >>have not had access to C12.22 for this review and so cannot comment >>further on it. It seems to me, however, that the layering of C12.22 >>on top of IP networks may warrant a discussion about potential methods >>to enhance C12.22 security? For example, could privacy be enhanced >>beyond what C12.22 offers through use of a transport network's >>confidentiality services? >> >>Other than this I have no particular comments on this draft; it reads >>good to me. >>-- Magnus >>_______________________________________________ >>secdir mailing list >>secdir at ietf.org >> https://www.ietf.org/mailman/listinfo/secdir > > -- -- Magnus