Secdir last call review of draft-ietf-tictoc-1588v2-yang-10

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Samuel Weiler
Review result: Has Issues

I wonder whether there should be a requirement to use authentication when
making updates.  As the doc says:

   Write operations (e.g., edit-config) to these data nodes without
   proper protection can have a negative effect on network operations.

I'm sure someone will argue "if this is used in a closed network, we can avoid
the use of authentication".  Prudence suggests that "closed" networks don't
remain that way forever, and defense-in-depth is advisable.  Let's add a MUST
or at least a SHOULD.





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux