[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Response to issues with -04 raised by Bert Wijnen

To: gmj@pobox.com, opsec@ops.ietf.org
Subject: RE: Response to issues with -04 raised by Bert Wijnen
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Fri, 16 Apr 2004 21:01:54 +0200
Cc: bwijnen@lucent.com

Great. Looking forward to the changes.

Thanks,
Bert 

> -----Original Message-----
> From: George Jones [mailto:gmj@pobox.com]
> Sent: vrijdag 16 april 2004 14:47
> To: opsec@ops.ietf.org
> Cc: bwijnen@lucent.com
> Subject: Response to issues with -04 raised by Bert Wijnen
> 
> 
> bw> Date and Time: 2004-04-15, 16:57:28
> bw> Version: 04
> bw> Commented by: Wijnen, Bert
> bw> State before Comment: 0
> bw> State after Comment: 0
> bw> Comment: 1.During the Seoul meeting an issue was reaised which has
> bw>   not been addressed yet, and my reviewer Dan Romascanu
> bw>   considers this a key issue:
> bw>     Part of the content of this document is appropriate for
> bw>     large IP SPs networks, but not for enterprise networks
> bw>     deploying IP technology. Without specifying clearly this
> bw>     in the scope section (1.3), the document risks to be
> bw>     mis-leading. I actually have already encountered cases
> bw>     where people were taking the recommendations in this
> bw>     document ad-literam for enterprise IP routing and
> bw>     other IP-related equipment. In the absence of such a
> bw>     correction I oppose publishing this version as an
> bw>     Informational RFC.
> 
> bw>   This can be fixed with:
> bw>   - Change the current title:
> bw>       Operational Security Requirements for IP Network 
> Infrastructure
> bw>     into something aka:
> bw>       Operational Security Requirements for ISP IP Network
> bw>   Infrastructure
> 
> s/IP Network/Large ISP IP Network/
> 
> Wordy, but precise.
> 
> bw>     Actually in Seoul I pleaded for issuing a similar
> bw>     document for enterprise networks. I think that this
> bw>     is important work.
> bw>
> 
> As I mentioned in jabber (I think) at the BoF, I tried to
> expand the scope earlier, with the result that what is
> already a large (86p) doc became unmanagable.
> 
> I think addressing the needs of enterprise nets would
> be a fine first or second step for the working group.
> Stay tuned (and participate !) for charter discussions.
> 
> bw>
> bw>   - In sect 1.3: Change "IP networks" into "ISP networks"
> bw>     or "ISP IP networks"
> bw>
> bw> 2.I still see SNMP being referenced with RFC1157. That RFC
> bw>   is SNMPv1 which we have obsoleted. I'd prefer a refence
> bw>   to RFC3410 and RFC3411. And I also think it is mandatory
> bw>   to put some text in this document that states that SNMPv1
> bw>   does NOT provide proper security and that deployment of
> bw>   SNMPv3 instead is STRONGLY RECOMMENDED.
> 
> Will fix.  I'll send out htmlized diffs when done.
> 
> Thanks,
> ---George
>

Prev by Date: Response to issues with -04 raised by Bert Wijnen
Next by Date: draft-jones-opsec-05.txt submitted
Previous by thread: Response to issues with -04 raised by Bert Wijnen
Next by thread: draft-jones-opsec-05.txt submitted
Index(es):
- Date
- Thread