- From: Timur Shemsedinov <Timur@niist.ntu-kpi.kiev.ua>
- Date: Wed, 6 Nov 2002 15:24:40 +0200
- To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Cc: discuss@apps.ietf.org, paf@cisco.com
KDZ> Security Considerations KDZ> It should be clearly noted that protocol provides only KDZ> a simple clear-text user/password authentication mechanism. It is stated in unit 7. Concerning security, the USP defines only authorization mechanism and requirement to the USP server and the client realization. This document does not contain explanations of data loose protection during its transmission over the transport channel or special traffic coding against the grabbing. These tasks are duty of the transport layer protocols using by USP. KDZ> IANA Considerations KDZ> The document does not request the registration the URI scheme KDZ> it details. I looked RFC2396,2317,2318 concerning this question. All necessary information, for the URI definition is contained in the document. But, is it necessary to group or to extract definition into appendix. It will be great to have the reference to an example of correct registration. KDZ> Also, the document does not establish any IANA KDZ> registries but appears to have a number of extensible fields. You are right, the registration necessity for RPC interfaces is supposed in order to prevent the naming conflict. Whether is it IANA function? KDZ> Also, the Section 1 sentence KDZ> I am distinctly aware of all complexities ... Probably, it is better to remove this sentence. KDZ> Lastly, in doing a quick review the document, I noticed a number KDZ> of editorial issues and the usual nits. These I will raise to the KDZ> author separately (with CC to the Patrik) when I get a chance. Thanks for your comments; they are really worth. Best regards, Timur mailto:Timur@niist.ntu-kpi.kiev.ua
Received on Wednesday, 6 November 2002 08:20:27 UTC