My apologies for responding slowly, I was traveling. If it is tolerable to people, I do not mind adding the two sentences requested by Sam to the isis-trill draft. Thanks, Donald PS: It appears to me that the same considerations apply to draft-ietf-isis-ieee-aq. On Fri, Dec 17, 2010 at 10:45 PM, Sam Hartman <hartmans-ietf@xxxxxxx> wrote: >>>>>> "Erik" == Erik Nordmark <nordmark@xxxxxxx> writes: > > > Erik> Adding just this sentence to draft-ietf-isis-trill (the code > Erik> point document) seems odd. Your comment is really a comment on > Erik> the security of IS-IS, and not specific to TRILL and unrelated > Erik> to the code points. > > I don't care much where the text goes. I'm happy if you provide an rfc > editor note for draft-ietf-trill-rbridge-protocol if you like that > approach better. However, as I read draft-ietf-isis-trill, it defines > the interface between TRILL and IS-IS. In my mind, that's where the > security consideration appears. You're re-using a component that isn't > up to our current standards--we know that; we're working on it in > KARP. However in doing that, you need to document the security > considerations for your protocol. Since you have a document that > specifically is the interface between your protocol and the component > you are re-using,that seems like the best place to do the documentation > work. > > however, in decreasing order of priority, I want to call out my concern > that we need to be far more careful about what we expect in terms of > security from future work we charter and that we should document the > specific interactions between IS-IS and TRILL. While I have expressed > an opinion above on where I think that documentation should go, feel > free to put it where you think is most correct. _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf