
RE: draft-ietf-disman-conditionmib



Russ writes:
> 
> The ability to remotely shut off alarms seems to have a slightly different 
> security consideration than the usual MIB document, yet this document has 
> the typical boilerplate.

But... it is not JUST Boilerplate !!!
I did (and normally always do) ask them to be specific and explain
what the vulnerabilities are and I think they did. They have in the
security section:

  network operations.  These are the tables and objects and their
  sensitivity/vulnerability:

     arcTITimeInterval,
     arcCDTimeInterval,
     arcState,
     arcNalmTimeRemaining,
     arcRowStatus,
     arcStorageType.

  Setting these objects may have disruptive effects on network
  operation that range from omission of alarm notifications
  to flooding of unwanted alarm notifications from the network.

Maybe you do not find that detailed/specific enough?
But I am not sure we want them to go into detail about specific
alarms, cause this table is a generic table.

> I do not feel strong enough to register a DISCUSS, but there is
> something unsettling.  Part of the reason that I do not
> want to register a DISCUSS is because the alarms themselves are not 
> described in this document.  The context of the alarms needs to be 
> understood to determine the security consequences of masking them.
>
Well... they reference the ITU documents where these ARE described.
We do not want them to repeat that description, do we?

Hope this makes you feel better letting it pass.

Bert 
> Russ
> 
>