Brian E Carpenter wrote:
>> Confused about this last comment. MichaelR pointed out the case of a
>> legacy network management platform, where you can easily add GRASP,
>> but not ACP support. I concur with this view: We saw this a lot in
>> customer deployment discussions.
>>
On 10/03/2017 22:39, Michael H. Behringer wrote:
> On 09/03/2017 20:37, Brian E Carpenter wrote:
>> On 10/03/2017 05:53, Barry Leiba wrote:
> Personal opinion: encryption should be a MUST.
I believe that we will have situations where we have a secured ACP into a
NOC
(
> Barry, is there a way to say, "UTF-8 without all the confusing parts"?
> Is that what IDN is all about?
Kinda-sorta, but it won't quite work for this. The high-order answer
is to reference IDNA 2008 (RFC 5892 will do) and say that characters
that are PVALID are acceptable here. The trouble
Brian E Carpenter wrote:
>> NEW In some cases there will be a transition period, in which it might
>> not be practical to run with strong encryption right away. It's
>> important to keep this period as short as possible, and to upgrade to
>> a fully encrypted setup as soon as pos
On 09/03/2017 20:37, Brian E Carpenter wrote:
On 10/03/2017 05:53, Barry Leiba wrote:
> Personal opinion: encryption should be a MUST.
I believe that we will have situations where we have a secured ACP into a NOC
(to an edge router or VM hypervisor), and then we will have some unencrypted,
>> This brings up a common rant that I have:
>> We should be putting into our protocol specs what we want the protocol
>> to be, not some compromise that comes from knowing that not everyone
>> will comply with everything from the start.
>>
>> If the right thing is to say "MUST encrypt", but we kno
On 10/03/2017 05:53, Barry Leiba wrote:
>> > Personal opinion: encryption should be a MUST.
>>
>> I believe that we will have situations where we have a secured ACP into a NOC
>> (to an edge router or VM hypervisor), and then we will have some unencrypted,
>> but secured links to platforms in t
> > Personal opinion: encryption should be a MUST.
>
> I believe that we will have situations where we have a secured ACP into a NOC
> (to an edge router or VM hypervisor), and then we will have some unencrypted,
> but secured links to platforms in transition.
>
> It will be easy to add the GRA
Brian E Carpenter wrote:
>> Both here and in 3.5.2.1: Why is encryption SHOULD, and not MUST?
>> Looking ahead to 3.5.2.1, how could it be considered safe to use a
>> network configuration protocol across administrative boundaries
>> without encryption?
> Input please, or els
Well, I take that back. I think all these points can be slipped into
this week's update of the draft (I plan to submit that on Friday
NZ time).
Two points for the WG:
>
> — Section 3.5.1 —
>
>If there is no ACP, the protocol MUST use another form of strong
>authentication and SHOULD use
Thanks Barry. Good comments, but we have to get a new draft out
before the deadline, so I'm not sure these will all make it in
until the one after.
Regards
Brian
On 08/03/2017 15:43, Barry Leiba wrote:
> I have reviewed this document as part of the security directorate's
> ongoing effort to re
11 matches
Mail list logo