[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft-ietf-msdp-spec

To: iesg@ietf.org
Subject: draft-ietf-msdp-spec
From: Steve Bellovin <smb@research.att.com>
Date: Wed, 16 Apr 2003 14:46:02 -0400

Since it's Experimental rather than standards track, I'll describe the 
Security Considerations as "quite inadequate" rather than "grossly 
inaadequate".  It boils down to "use IPsec", without giving enough 
detail, or "use MD5" without saying *anything* about the syntax.  (TLS 
is another obvious choice that's omitted.)  Beyond that, there's no 
discussion of the authorization model.


		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

Prev by Date: Re: draft-chiba-radius-dynamic-authorization
Next by Date: RE: Last Call: 'Remote Network Monitoring MIB Extensions for Swit ch Networks Version 1.0' (RFC 2613) to Draft
Previous by thread: Re: draft-ietf-msdp-spec
Next by thread: Re: draft-ietf-msdp-spec
Index(es):
- Date
- Thread