Add security considerations #52
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ionut-arm
requested review from
William-PanWei,
cabo,
henkbirkholz and
thomas-fossati
as code owners
Signed-off-by: Ionut Mihalcea <[email protected]>
ionut-arm
force-pushed
the
security-considerations
branch
from
5055153 to
0e67d4c
Compare
Contributor
Author
|
cc @junzhanghw |
|
seems good. |
Collaborator
thomas-fossati
left a comment
thomas-fossati
left a comment
There was a problem hiding this comment.
Thanks @ionut-arm for contributing this (and @junzhanghw for seeding some of the contents)!
I have left a few comments inline.
draft-ietf-rats-epoch-markers.md
Outdated
Comment on lines
414
to
417
| Some Epoch Marker types require receiver state to detect replay/rollback or establish sequencing. | ||
| For epoch-tick-list, freshness requires receiver-side state to identify the “next unused” tick; deployments SHOULD define how missing/out-of-order ticks are handled and how resynchronization occurs. | ||
| For strictly-monotonic-counter, receivers must track the highest accepted counter to detect rollback. | ||
| Deployments SHOULD document whether they use global epoch tracking or per-Attester state and, if necessary, the associated window. |
Collaborator
There was a problem hiding this comment.
I believe that if there are any functional considerations associated with a specific epoch marker, they should be documented alongside the epoch marker instance, no?
Contributor
Author
There was a problem hiding this comment.
True, I guess this is leaning more into the practicality of things. What do you think? Is something like this needed somewhere along the marker designs?
Collaborator
There was a problem hiding this comment.
What do you think? Is something like this needed somewhere along the marker designs?
At first glance, that’d be my preference.
Contributor
Author
There was a problem hiding this comment.
Moved the section and integrated it into the main text, let me know how you find it.
Co-authored-by: Thomas Fossati <[email protected]>
Signed-off-by: Ionut Mihalcea <[email protected]>
Signed-off-by: Ionut Mihalcea <[email protected]>
Signed-off-by: Ionut Mihalcea <[email protected]>
Signed-off-by: Ionut Mihalcea <[email protected]>
Considerations in that section are more fundamental than seccons. Signed-off-by: Ionut Mihalcea <[email protected]>
Collaborator
|
On Jan 27, 2026, at 16:42, Thomas Fossati ***@***.***> wrote:
As a general comment, there is some reluctance to use RFC 2119 language in the security considerations. We may want to change all the capitalised verbs to lowercase.
… the reason being that if there are protocol requirements following from the security considerations, these should already have been stated in the protocol definition and not just be mentioned later in a deliberative section (“… considerations”).
To avoid confusion (*) about lower case words, I’d use different phrases, such as “needs to” for “MUST” or “generally needs to” for SHOULD.
This also works better with the fact that these passages are mainly really statements of facts instead of normative language.
Grüße, Carsten
(*) Which really should have been over with RFC 8174, which we are all eagerly citing, but old habits...
|
Signed-off-by: Ionut Mihalcea <[email protected]>
Contributor
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Partly addresses #54