[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-idmr-igmp-mrdisc-10.txt
In message <7D5D48D2CAA3D84C813F5B154F43B15501483EA3@nl0006exch001u.nl.lucent.c
om>, "Wijnen, Bert (Bert)" writes:
> Yes No-Objection Discuss * Abstain
>Bert Wijnen [ ] [ x ] [ ] [ ]
>
>During the call/telchat I'd say: no further objection.
>I am amazed that Randy needs to take the DISCUSS for the
>security considerations sections while both Security ADs
>have a No-Ob (albeit with comments).
>
I said "no-ob" because I don't think they can solve the problem in any
useful fashion. We don't have local router-to-host security; the
closest we have is the SEND effort for IPv6. Per my note, I'd rather
they were more honest about it. (And the really hard problem here is
authorization: how do the individual hosts know the public keys for
the real local routers?)
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)