On Dec 24, 2013, at 5:21 PM, Paul Aitken <pait...@cisco.com> wrote: > Benoit, Ben, > >>>> As I understand it the context is that certain data elements can include >>>> payload octets. This is subject to the security considerations in 5477, >>>> which basically say don't include too much, because of guidance from 2804. >>>> But my reading of 2804 does not give specific guidance things like how >>>> much payload one can capture before it becomes too much. >>>> >>>> I think the simplest solution would be to keep the reference to the 5477 >>>> security considerations, and reiterate that this model is not intended for >>>> gross capture of payloads, perhaps with an _informative_ reference to 2804. >>>> >>> The informative reference would be in line with RFC 5477. So yes. >>> Not sure if we need the reiteration. >>> >> I think a sentence or two would save the reader from having to flip back and >> forth between docs. But it's not a big deal one way or ahother. >> > > I've moved RFC2804 to an Informative reference, and changed the text to say: > > With sufficient length, this element also reports octets from the IP payload. > However full packet capture of arbitrary packet streams is explicitly out of > scope per the Security Considerations section of RFC5477 and RFC2804.
Works for me. Thanks, Ben. (P.S. Happy [whichever holiday works for you] ) _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art