RE: Pls review documents on IESG Agenda October 27, 2005 Telechat

["David B Harrington" <ietfdbh@comcast.net>]

Hi,

I have suggestions to improve the wordings here. All the lines I have
changed have no '>' preceding the line.

> http://www.ietf.cnri.reston.va.us/internet-drafts/draft-ietf-i
eprep-doma
> in-req-05.txt includes in the Security Consideration section the
> following: 
> 
>   - Most current deployments of SNMP are of versions prior to
>        SNMPv3, even though there are well-known security
>        vulnerabilities in those versions of SNMP. The IETF has
         declared those prior versions Historic, and RECOMMENDS
         that deployments upgrade to SNMP version 3.
> 
>   - SNMP versions prior to SNMPv3 cannot support cryptographic
>        security mechanisms.  Hence, any use of SNMP prior to
> old:   version 3 to write or modify MIB objects do so in a
  new:   version 3 to read or write or modify MIB objects do so in a
>        non-secure manner.  As a result, it may be best to constrain
         the use of SNMP to SNMPv3-capable agents and managers
         (i.e. to SNMPv3 messages). 
> 
>   - Finally, any MIB defining writable objects should carefully
>        consider the security implications of an SNMP compromise on
>        the mechanism(s) being controlled by those writable MIB
         objects. It is already a requirement of all IETF standard 
         MIB modules that a detailed Security Considerations section 
         accompany the MIB module. It is RECOMMENDED that MIB modules 
         developed by other organizations include a comparable Security
         Consideration section.

Dave Harrington
dbharrington@comcast.net