On Wed, Jun 25, 2008 at 12:01:46PM -0700, Randy Presuhn wrote:

> > Depending on how the snmpEngineID is constructed, it may contain the
> > enterprise ID identifying the device manufacturer or it may contain a
> > MAC address which is otherwise not accessible (and which also gives a
> > hint about the manufacturer), or it might contain an administratively
> > assigned text that might be useful to further target an attack.
> > 
> > Is this something to be seriously worried about? I can't judge. Do we
> > have such text in USM RFC 3414? Obviously not. Is the fact that USM is
> > silent about this sufficient to not be worried? Again, I can't judge.
> 
> Though obviously not the same, I'd lump this in with RFC 3414's
> commentary on traffic analysis attacks.

Well, as you said, this is not the same. ;-)

> The recommended VACM configuration in appendix A of RFC 3415 gives
> noAuthNoPriv read access to this information anyway.

Not necessarily if you choose an "initial-no-access-configuration" (or
I am misreading the A.1 item 5).

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www.ietf.org/mailman/listinfo/gen-art
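
For readers auditing what their own agents reveal, here is a decoder for the fields discussed in the thread (enterprise number, MAC address, administratively assigned text). It is an added example, not part of the original message, and follows the SnmpEngineID textual convention in RFC 3411. The function name, enterprise number 99999 and the sample values are constructed for illustration.

```python
import ipaddress

# Format octet values from the SnmpEngineID textual convention (RFC 3411).
FORMATS = {1: ("ipv4", 4), 2: ("ipv6", 16), 3: ("mac", 6),
           4: ("text", None), 5: ("octets", None)}

def decode_engine_id(engine_id: bytes) -> dict:
    """Return the identifying fields an snmpEngineID exposes to a reader."""
    if not 5 <= len(engine_id) <= 32:
        raise ValueError("snmpEngineID must be 5..32 octets")
    head = int.from_bytes(engine_id[:4], "big")
    out = {"enterprise": head & 0x7FFFFFFF, "discloses": ["enterprise number"]}
    if not head & 0x80000000:
        # Older layout: 12 octets, the last 8 defined by the enterprise.
        if len(engine_id) != 12:
            raise ValueError("legacy snmpEngineID must be 12 octets")
        out.update(format="legacy", value=engine_id[4:].hex())
        return out
    fmt, rest = engine_id[4], engine_id[5:]
    fallback = "enterprise-specific" if fmt >= 128 else "reserved"
    name, size = FORMATS.get(fmt, (fallback, None))
    if size is not None and len(rest) != size:
        raise ValueError(f"{name} format needs {size} octets, got {len(rest)}")
    if name in ("ipv4", "ipv6"):
        value = str(ipaddress.ip_address(rest))
        out["discloses"].append("network address")
    elif name == "mac":
        value = ":".join(f"{b:02x}" for b in rest)
        out["oui"] = value[:8]  # first three octets hint at the manufacturer
        out["discloses"].append("MAC address")
    elif name == "text":
        value = rest.decode("utf-8", errors="replace")
        out["discloses"].append("administratively assigned text")
    else:
        value = rest.hex()
    out.update(format=name, value=value)
    return out

# Constructed samples: enterprise number 99999 and all field values are made up.
SAMPLE_MAC = bytes.fromhex("8001869f" "03" "02005e100001")
SAMPLE_TEXT = bytes.fromhex("8001869f" "04") + b"rack12-core"

if __name__ == "__main__":
    for sample in (SAMPLE_MAC, SAMPLE_TEXT):
        print(sample.hex(), "->", decode_engine_id(sample))
```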
