[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security COnsiderations in MIB documents

To: "Ted Hardie (E-mail)" <hardie@qualcomm.com>
Subject: Security COnsiderations in MIB documents
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Thu, 2 Oct 2003 12:17:45 +0200
Cc: "Iesg (E-mail)" <iesg@ietf.org>

When evaluating the disman-condition MIB document, Ted
commented:

   The second "even then" in the following text from the
   Security Considerations seems spurious 

      Even if the network itself is secure (for example by using IPSec),
      even then, there is no control as to who on the secure network
      is allowed to access and GET/SET (read/change/create/delete) the
      objects in this MIB module.

I remember that we did a lot of word-smithing on the "guidelines
for MIB security considerations" very early this year. And if I recall
correctly, the "even then" thing was discussed and left in.

What I am willing to do on this thing is to "once more" go through the
guidelines I have online. Maybe we want the IESG to "Evaluate" those
guidelines, so that from then on I am done with the word-smitting
issues on this section.

I understand that Ted did not take a discuss. 
But pls also understand that I cannot keep word-smithing these things
continuously. Does it make that much of a difference?

Thanks,
Bert

Follow-Ups:
- Re: Security COnsiderations in MIB documents
  - From: hardie@qualcomm.com

Prev by Date: Re: Evaluation: draft-ietf-ipsec-esp-v3-06.txt
Next by Date: disman condition MIB
Previous by thread: Re: Evaluation: draft-ietf-ipsec-esn-addendum-02.txt
Next by thread: Re: Security COnsiderations in MIB documents
Index(es):
- Date
- Thread