- From: Dave Crocker <dcrocker@brandenburg.com>
- Date: Tue, 27 Jul 1999 17:02:06 -0700
- To: "Larry Masinter" <masinter@parc.xerox.com>
- Cc: "Brian E Carpenter" <brian@hursley.ibm.com>, <discuss@apps.ietf.org>
At 04:05 PM 7/27/99 , Larry Masinter wrote: > > > > > A document that gives security guidelines for IETF protocols > > > > > should explain this policy and its impact. > > > What is missing in RFC 1984 in this respect? > >A set of thorough cross-references to RFC 1984 would be a fine way >of satisfying this particular goal. I don't agree. In effect, 1984 makes a set of cases about general issues. It's entirely generic. I think that something which analyses current detail would be appropriate. Ironically, this should probably be published as a BCP, noting a particular set of details and their particular limitations. For example, noting that the details in the current limitation permit highly reliable breakability with (what is it now?) 72 hours, or somesuch. Just a thought. d/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Dave Crocker Tel: +1 408 246 8253 Brandenburg Consulting Fax: +1 408 273 6464 675 Spruce Drive <http://www.brandenburg.com> Sunnyvale, CA 94086 USA <mailto:dcrocker@brandenburg.com>
Received on Wednesday, 28 July 1999 10:37:44 UTC