[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Reply to review comments from Pekka Savola (1 of ?)

To: "Harrington, David" <dbh@enterasys.com>
Subject: RE: Reply to review comments from Pekka Savola (1 of ?)
From: George Jones <gmj@pobox.com>
Date: Thu, 26 Feb 2004 04:25:29 -0800 (PST)
Cc: Pekka Savola <pekkas@netcore.fi>, "" <opsec@ops.ietf.org>
In-reply-to: <6D745637A7E0F94DA070743C55CDA9BA015FF613@NHROCMBX1.ets.enterasys.com>
References: <6D745637A7E0F94DA070743C55CDA9BA015FF613@NHROCMBX1.ets.enterasys.com>
Reply-to: gmj@pobox.com

> I will point out that SNMPv3 isn't mentioned in RFC3631, and SNMPv3 is a
> full standard for secure Internet network management. SNMPv3 uses some
> of the primitives identified in RFC3631 to provide the security. SNMPv3
> was designed to be able to change which primitives are used, so new
> primitives can be used as they become available, and stronger (or
> weaker) primitives can be used that best meet deployment requirements.
>
> I think "See [RFC3631] for a current list of mechanisms that can be used
> to support secure management." is not helpful. As Jeff Schiller used to
> say, "just use IPSec" isn't enough; you need to describe how it will
> interact with other protocols to provide a secure environment.

Do you think a table in the examples section listing currently
available accpetable options (e.g. protocols) for each managment
function would be better/sufficient ?

---George

References:
- RE: Reply to review comments from Pekka Savola (1 of ?)
  - From: "Harrington, David" <dbh@enterasys.com>

Prev by Date: Re: Reply to review comments from Pekka Savola (1 of ?)
Next by Date: RE: Reply to reveiw comments from Pekka Savola (2 of ?)
Previous by thread: RE: Reply to review comments from Pekka Savola (1 of ?)
Next by thread: RE: Reply to review comments from Pekka Savola (1 of ?)
Index(es):
- Date
- Thread