[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-idmr-igmp-mrdisc-10.txt

To: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Subject: Re: draft-ietf-idmr-igmp-mrdisc-10.txt
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Thu, 03 Apr 2003 09:02:38 -0500
Cc: iesg-secretary@ietf.org, iesg@ietf.org
In-reply-to: Your message of "Thu, 03 Apr 2003 14:44:49 +0200." <7D5D48D2CAA3D84C813F5B154F43B15501483EA3@nl0006exch001u.nl.lucent.com>

In message <7D5D48D2CAA3D84C813F5B154F43B15501483EA3@nl0006exch001u.nl.lucent.c
om>, "Wijnen, Bert (Bert)" writes:
>                     Yes    No-Objection  Discuss *  Abstain  
>Bert Wijnen         [   ]     [ x ]       [   ]      [   ] 
>
>During the call/telchat I'd say: no further objection.
>I am amazed that Randy needs to take the DISCUSS for the
>security considerations sections while both Security ADs
>have a No-Ob (albeit with comments).
>

I said "no-ob" because I don't think they can solve the problem in any 
useful fashion.  We don't have local router-to-host security; the 
closest we have is the SEND effort for IPv6.  Per my note, I'd rather 
they were more honest about it.  (And the really hard problem here is 
authorization:  how do the individual hosts know the public keys for 
the real local routers?)

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

References:
- RE: draft-ietf-idmr-igmp-mrdisc-10.txt
  - From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>

Prev by Date: RE: Evaluation: draft-ietf-idmr-igmp-mrdisc - Multicast Router Discovery to Proposed Standard
Next by Date: Re: draft-dasilva-l2tp-relaysvc-06.txt
Previous by thread: RE: draft-ietf-idmr-igmp-mrdisc-10.txt
Next by thread: RE: draft-ietf-idmr-igmp-mrdisc-10.txt
Index(es):
- Date
- Thread