Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
- To: IESG Secretary <iesg-secretary@ietf.org>
- Subject: Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP
- From: "Steven M. Bellovin" <smb@research.att.com>
- Date: Wed, 05 Mar 2003 12:27:06 -0500
- Cc: Internet Engineering Steering Group <iesg@ietf.org>
In message <200302281700.MAA04789@ietf.org>, IESG Secretary writes:
>
>Last Call to expire on: 2003-3-7
>
> Please return the full line with your position.
>
>                    Yes    No-Objection    Discuss *    Abstain
>
>
>Steve Bellovin      [ ]       [ X ]          [ ]          [ ]

I'm saying 'no-ob', but I think that my very first and very last points
should be addressed by an RFC editor's note.

Section 6: Should there be mention of switches that snoop on IGMP? I
suspect so.

Section 14: There's an equation I once derived that may be useful. For
a compression algorithm that resyncs every n packets (i.e., one that
tries to send a new compression dictionary every n packets, so that it
can get better interpacket compression), and with a packet loss
probability of p, the effective packet loss probability will be
multiplied -- if a packet is dropped, all subsequent packets up to the
resync point are dropped. The effective packet drop probability is
P = 1 - (\sum_{i=1}^n (1-p)^i) / n. (I have no idea if they would want
to incorporate that at this point.)

18: Another way to view the need for WEP is that it protects a link
with a much-higher threat level. In the case of, say, consumers with
credit card numbers, the easy places to intercept them are at the
edges. The consumer edge (i.e., the home wireless LAN) can be
protected with WEP; at the business edge, an attacker who can sniff
them can more easily steal the whole database from the host.

The list at the end should include replay attacks.

--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
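
An added illustration, not part of the original message: the Section 14 formula quoted above, evaluated directly and checked against a Monte Carlo simulation of a link whose compressor resyncs every n packets. The function names, the seed, and the sample values of p and n are assumptions chosen for the example.

```python
import random


def effective_loss(p: float, n: int) -> float:
    """Formula from the message: P = 1 - (sum_{i=1}^{n} (1-p)^i) / n."""
    q = 1.0 - p
    return 1.0 - sum(q ** i for i in range(1, n + 1)) / n


def effective_loss_closed(p: float, n: int) -> float:
    """Same quantity with the geometric series summed in closed form."""
    if p == 0.0:
        return 0.0
    q = 1.0 - p
    return 1.0 - q * (1.0 - q ** n) / (p * n)


def simulate(p: float, n: int, windows: int, seed: int = 1) -> float:
    """Fraction of packets unusable when one drop desyncs the rest of a window."""
    rng = random.Random(seed)  # fixed seed: constructed, repeatable input
    unusable = 0
    for _ in range(windows):
        in_sync = True
        for _ in range(n):
            # A drop on the link desyncs the decompressor; every later packet
            # in the window is then unusable until the next resync point.
            if in_sync and rng.random() < p:
                in_sync = False
            if not in_sync:
                unusable += 1
    return unusable / (windows * n)


if __name__ == "__main__":
    p = 0.01  # assumed raw link loss probability
    for n in (1, 10, 50, 100):  # assumed resync intervals
        P = effective_loss(p, n)
        print(f"n={n:3d}  formula={P:.4f}  "
              f"simulated={simulate(p, n, 50_000):.4f}  "
              f"amplification={P / p:.1f}x")
```

With n = 1 the formula reduces to the raw loss probability p, and for small p the amplification grows roughly as (n + 1) / 2.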