[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
evaluation: draft-ietf-dhc-isnsoption
I have a hard time convincing myself that my objections have been
resolved. I still don't know what is mandatory-to-implement. The
document says, in effect, "verify the response or don't use this
option, but you can try to use 3118 or you can try to use IPsec or
iSNS". How about this?
A conforming implementation MUST support RFC 3118. IPsec
or iSNS authentication blocks SHOULD be supported [or MUST],
and MAY be used for authentication if preconfigured that
way by both parties.
I'm willing to be convinced otherwise, but for now leave me as a
DISCUSS. (Do other people read that section differently than me?)
--Steve Bellovin, http://www.research.att.com/~smb