…Informational [Page 3] RFC 6973 Privacy Considerations July 2013 . Introduction RFC3552 ] provides detailed guidance to protocol designers about both how to consider security as part of protocol design and how to inform readers of protocol specifications about security issues. Th…

…Informational [Page 3] RFC 6973 Privacy Considerations July 2013 . Introduction RFC3552 ] provides detailed guidance to protocol designers about both how to consider security as part of protocol design and how to inform readers of protocol specifications about security issues. Th…

…arious issues discussed in the guidelines for security considerations in RFCs [ RFC3552 ] and the privacy considerations for Internet protocols [ RFC6973 ]. In particular, note the privacy considerations text for the Global System for Mobile Communications Association (GSMA) / In…

…arious issues discussed in the guidelines for security considerations in RFCs [ RFC3552 ] and the privacy considerations for Internet protocols [ RFC6973 ]. In particular, note the privacy considerations text for the Global System for Mobile Communications Association (GSMA) / In…

…ring privacy impacts of your specification, particularly Section 7 of RFC6973. [RFC3552] provides general advice as to writing Security Consideration sections, and Section 5 of RFC3552 has specific requirements. Generally, these sections should contain clear descriptions of the p…

…arious issues discussed in the guidelines for security considerations in RFCs [ RFC3552 ] and the privacy considerations for Internet protocols [ RFC6973 ]. In particular, note the privacy considerations text for the Global System for Mobile Communications Association (GSMA) / In…

… face of an attacker who has complete control of the network, as described in [ RFC3552 ]. See Appendix E for a more complete statement of the relevant security properties. TLS consists of two primary components: - A handshake protocol ( Section 4 ) that authenticates the communi…

…defined. General guidelines for writing security considerations are defined in [RFC3552] (BCP 72). Specifications using CDDL to define CBOR structures in protocols need to follow those guidelines. Additional topics that could be considered in a security considerations section for…

…rs, who are able to control your network. Network attackers correspond to the [ RFC3552 ] "Internet Threat Model". Note that in some cases, a network attacker is also a web attacker, since transport protocols that do not provide integrity protection allow the network to inject tr…

…ined for that character encoding scheme. 5 . Security Considerations Refer to [ RFC3552 ] for a discussion of terminology used in this section. Examples in this section and discussions of interactions of host environments with scripts and extensions to [ ECMA ] are to be understo…

…e face of an attacker who has complete control of the network, as described in [RFC3552]. See Appendix E for a more complete statement of the relevant security properties. TLS consists of two primary components: - A handshake protocol (Section 4) that authenticates the communicat…

…defined. General guidelines for writing security considerations are defined in [RFC3552] (BCP 72). Specifications using CDDL to define CBOR structures in protocols need to follow those guidelines. Additional topics that could be considered in a security considerations section for…

…efined for that character encoding scheme. . Security Considerations Refer to [ RFC3552 ] for a discussion of terminology used in this section. Examples in this section and discussions of interactions of host environments with scripts and extensions to [ ECMA ] are to be understo…

… face of an attacker who has complete control of the network, as described in [ RFC3552 ]. See Appendix E for a more complete statement of the relevant security properties. TLS consists of two primary components: - A handshake protocol ( Section 4 ) that authenticates the communi…

… DNS. In short, an active attacker corresponds to the conventional threat model RFC3552 for TLS 1.3 RFC8446 Passive and active attackers can exist anywhere in the network, including between the client and client-facing server, as well as between the client-facing and backend serv…