
RE: draft-ietf-disman-conditionmib



Bert:

> The ability to remotely shut off alarms seems to have a slightly different
> security consideration than the usual MIB document, yet this document has
> the typical boilerplate.

But... it is not JUST Boilerplate !!!
I did (and normally always do) ask them to be specific and explain
what the vulnerabilities are and I think they did. They have in the
security section:

  network operations.  These are the tables and objects and their
  sensitivity/vulnerability:

     arcTITimeInterval,
     arcCDTimeInterval,
     arcState,
     arcNalmTimeRemaining,
     arcRowStatus,
     arcStorageType.

  Setting these objects may have disruptive effects on network
  operation that range from omission of alarm notifications
  to flooding of unwanted alarm notifications from the network.

Maybe you do not find that detailed/specific enough?
But I am not sure we want them to go into detail about specific
alarms, cause this table is a generic table.

You are right about the boilerplate. But, it is quite generic. I realize that is because the alarms are not defined here. However, "omission of alarm notifications" is obvious. That is what the whole document is describing. The consequence of masking the alarms is that important diagnostic information is suppressed. And, that is not said.


Russ