W3C home > Mailing lists > Public > ietf-discuss@w3.org > July 1999

RE: IAB draft on security

From: Dave Crocker <dcrocker@brandenburg.com>
Date: Tue, 27 Jul 1999 17:02:06 -0700
Message-Id: <4.2.0.56.19990727165833.00bd9950@mail.bayarea.net>
To: "Larry Masinter" <masinter@parc.xerox.com>
Cc: "Brian E Carpenter" <brian@hursley.ibm.com>, <discuss@apps.ietf.org>
At 04:05 PM 7/27/99 , Larry Masinter wrote:
> > > > > A document that gives security guidelines for IETF protocols
> > > > > should explain this policy and its impact.
>
> > What is missing in RFC 1984 in this respect?
>
>A set of thorough cross-references to RFC 1984 would be a fine way
>of satisfying this particular goal.


I don't agree.

In effect, 1984 makes a set of cases about general issues.  It's entirely 
generic.

I think that something which analyses current detail would be appropriate.

Ironically, this should probably be published as a BCP, noting a particular 
set of details and their particular limitations. For example, noting that 
the details in the current limitation permit highly reliable breakability 
with (what is it now?) 72 hours, or somesuch.

Just a thought.

d/

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Dave Crocker                                         Tel: +1 408 246 8253
Brandenburg Consulting                               Fax: +1 408 273 6464
675 Spruce Drive                             <http://www.brandenburg.com>
Sunnyvale, CA 94086 USA                 <mailto:dcrocker@brandenburg.com>
Received on Wednesday, 28 July 1999 10:37:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 23 March 2006 20:11:26 GMT