[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evaluation: draft-ietf-ipp-not-spec - Internet Printing Protocol (IPP): Event Notifications and Subscriptions to Proposed Standard

To: IESG Secretary <iesg-secretary@ietf.org>
Subject: Re: Evaluation: draft-ietf-ipp-not-spec - Internet Printing Protocol (IPP): Event Notifications and Subscriptions to Proposed Standard
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Tue, 01 Apr 2003 17:10:19 -0500
Cc: Internet Engineering Steering Group <iesg@ietf.org>

In message <200303282344.SAA25793@ietf.org>, IESG Secretary writes:
>
>Last Call to expire on: 2001-3-5
>
>	Please return the full line with your position.
>
>                    Yes    No-Objection  Discuss *  Abstain  
>Steve Bellovin      [   ]     [ X ]       [   ]      [   ] 

I would be nice to add (via RFC editor's note) some text to Appendices 
A and B that warns about the security risks of proxied notifications.  
Security is then no longer end-to-end, which creates some added risks.

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

Prev by Date: Re: Evaluation: draft-ietf-avt-crtp-enhance - Enhanced Compressed RTP (CRTP) for links with high delay, packet loss and reordering to Proposed Standard
Next by Date: Re: Evaluation: draft-ietf-ipp-not-spec - Internet Printing Protocol (IPP): Event Notifications and Subscriptions to Proposed Standard
Previous by thread: Re: Update GROW charder
Next by thread: Re: Evaluation: draft-zhao-slp-remote-da-discovery - Finding Remote Directory Agents and Service Agents in the Service Location Protocol via DNS SRV to Proposed Standard
Index(es):
- Date
- Thread