[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue 101: WG Last Call Review

To: <paul.congdon@hp.com>, <radiusext@ops.ietf.org>
Subject: RE: Issue 101: WG Last Call Review
From: <Pasi.Eronen@nokia.com>
Date: Thu, 15 Sep 2005 11:33:30 +0300

paul.congdon@hp.com wrote:

> > There's no need to imagine all things that could happen if a 
> > RADIUS server is compromised, but it is IMHO necessary to at 
> > least briefly discuss how implementing _this_ document 
> > changes the existing situation.
> > 
> > Maybe something like this:
> > 
> 
> I'm assuming the text you provided would be in addition to what is
> already there?  Below, I've merged  your text into the 
> existing text as an entirely new Security section. 

No, the text was intended as a replacement of what's already there.

The existing text is IMHO unnecessary because it doesn't describe any
security considerations of _this_ document. I don't think we need
to repeat what's already said in RFC 2865 and 3579 in every document
that defines a new RADIUS attribute: we just need to describe what
new security considerations this document has (in addition to
those already adequately described in 2865/3579).

Best regards,
Pasi

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: Re: REMINDER: Call for review of RFC 2618bis-2621bis
Next by Date: RE: REMINDER: Call for review of RFC 2618bis-2621bis
Previous by thread: RE: Issue 101: WG Last Call Review
Next by thread: RE: Issue 101: WG Last Call Review
Index(es):
- Date
- Thread