[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Reply to review comments from Pekka Savola (1 of ?)

To: <gmj@pobox.com>
Subject: RE: Reply to review comments from Pekka Savola (1 of ?)
From: "Harrington, David" <dbh@enterasys.com>
Date: Thu, 26 Feb 2004 11:58:04 -0500
Cc: "Pekka Savola" <pekkas@netcore.fi>, <opsec@ops.ietf.org>

Hi George,

Great work by the way.

I think it would be better to list some of the acceptable protocols for
different types of management. I'd need to see the wording to decide if
it was sufficient.

dbh 

> -----Original Message-----
> From: George Jones [mailto:gmj@pobox.com] 
> Sent: Thursday, February 26, 2004 7:25 AM
> To: Harrington, David
> Cc: Pekka Savola; 
> Subject: RE: Reply to review comments from Pekka Savola (1 of ?)
> 
> > I will point out that SNMPv3 isn't mentioned in RFC3631, 
> and SNMPv3 is a
> > full standard for secure Internet network management. 
> SNMPv3 uses some
> > of the primitives identified in RFC3631 to provide the 
> security. SNMPv3
> > was designed to be able to change which primitives are used, so new
> > primitives can be used as they become available, and stronger (or
> > weaker) primitives can be used that best meet deployment 
> requirements.
> >
> > I think "See [RFC3631] for a current list of mechanisms 
> that can be used
> > to support secure management." is not helpful. As Jeff 
> Schiller used to
> > say, "just use IPSec" isn't enough; you need to describe how it will
> > interact with other protocols to provide a secure environment.
> 
> Do you think a table in the examples section listing currently
> available accpetable options (e.g. protocols) for each managment
> function would be better/sufficient ?
> 
> ---George
> 
>

Prev by Date: Re: Reply to reveiw comments from Pekka Savola (2 of ?)
Next by Date: -03bis, version for BoF
Previous by thread: RE: Reply to review comments from Pekka Savola (1 of ?)
Next by thread: Reply to reveiw comments from Pekka Savola (2 of ?)
Index(es):
- Date
- Thread