
RE: security considerations section



Hi,

To save some time, I recommend looking at the list of threats in
RFC3411 to help make sure you don't overlook any of the categories of
vulnerability identified there. I think that list contains pretty much
what the security directorate goes looking for when assessing a
security considerations section. 

That, of course, would only be a starting point; netconf notifications
may have specific vulnerabilities that do not apply to other NM
protocols such as SNMP.

One issue related to the notifications draft is the transport of data
from non-netconf streams, such as syslog and SNMP. The considerations
should probably mention that this data may be more vulnerable (or is
not more vulnerable) when being transported over netconf than when
being transported using the protocol normally used for transporting
it.

dbh

> -----Original Message-----
> From: owner-netconf@ops.ietf.org 
> [mailto:owner-netconf@ops.ietf.org] On Behalf Of Andy Bierman
> Sent: Tuesday, October 10, 2006 12:10 PM
> To: Netconf (E-mail)
> Subject: security considerations section
> 
> Hi,
> 
> I want to start a thread to discuss what needs to be in the
> Security Considerations section of the Notifications draft.
> 
> IMO, there does not seem to be that much we need to say, because
> the <notification> elements are never sent before the transport
> layer and the netconf layer (capabilities exchange) have been
> established, and the manager has been identified and authenticated.
> 
> We need to explain all the vulnerabilities in some detail,
> and identify what can and should "be secured" by an operator:
> 
>  - <create-subscription> invocation
>  - use of <kill-session>
>  - read-only data models
>  - read-write data models
>  - notification content
> 
> Is this list complete?
> Does anyone want to volunteer to write text for the Editor
> to incorporate into the next draft?
> 
> thanks,
> Andy
> 
> 
> --
> to unsubscribe send a message to netconf-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/netconf/>
> 


