RE: Ballot: Remote Network Monitoring MIB Protocol Identifier Reference to Draft Standard (Revised)
Steve, in addition to the below, we should also realize that
RFC2895 is only specifying a macro language to specify
Protocol Identifiers and also has a set of specific
definitions of Protocol Identifiers using that macro
language.
It does itself NOT specify a protocol that ever goes on the wire.
The Protocol Identifiers are normally used in MIB modules, and such
MIB modules of course have (must have) proper security considerations
that make sense. So ... pls keep that in mind when re-evaluating my
note/response below.
If possible, I'd like to clear this before the weekend (when I take off
on vacation).
Thanks,
Bert
> -----Original Message-----
> From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com]
> Sent: Thursday 12 June 2003 11:02
> To: Steven M. Bellovin
> Cc: Internet Engineering Steering Group
> Subject: RE: Ballot: Remote Network Monitoring MIB Protocol Identifier
> Reference to Draft Standard (Revised)
>
>
> Steve, this is an RFC that is being advanced to DS, they are
> not doing a new I-D. Do we want them to go through the
> overhead of a new I-D (which then becomes a new RFC to
> obsolete the current RFC2895) ??
> If so... there will possibly be quite a few more admin and
> bureaucratic changes we want... because of our new NITs and
> all that.
>
> I'd prefer if we can just advance an existing RFC.
>
> Thanks,
> Bert
>
> > -----Original Message-----
> > From: Steven M. Bellovin [mailto:smb@research.att.com]
> > Sent: Wednesday 11 June 2003 23:14
> > To: IESG Secretary
> > Cc: Internet Engineering Steering Group
> > Subject: Re: Ballot: Remote Network Monitoring MIB Protocol Identifier
> > Reference to Draft Standard (Revised)
> >
> >
> > In message <200306051255.IAA22857@ietf.org>, IESG Secretary writes:
> > >
> >
> > >                  Yes    No-Objection  Discuss *  Abstain
> > >
> > >Steve Bellovin    [   ]      [   ]       [ x ]     [   ]
> >
> > Mmm -- I think I'd like the Security Considerations to say something
> > like this:
> >
> > The security sensitivity of a macro is at least as great as
> > the sensitivity of any of its components, and sometimes greater.
> > For example, read access to port numbers alone is of mild
> > interest; the same is true for read access to host addresses
> > and TCP sequence numbers. However, the set of all of that
> > information for any one connection allows easy session
> > hijacking.
> >
> >
> > --Steve Bellovin, http://www.research.att.com/~smb (me)
> > http://www.wilyhacker.com (2nd edition of
> > "Firewalls" book)
> >
> >
>