Re: [OPSAWG] [GROW] [Lsr] FW: New Version Notification for draft-gu-network-mornitoring-protol-00.txt

2018-07-10 Thread Tim Evens (tievens)
Hi Robin, Yunan, Shunwan, I'm a little late to this thread due to being preoccupied with a newborn. Below are my comments, which take into consideration the other comments… sans the YANG/telemetry debate. Considering we do use BGP-LS extensively, I don't think YANG is the only solution to thes

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Joe Clarke
On 7/10/18 11:42, Andrej Ota wrote: >>> Since this makes secured transport a minimal necessary requirement >>> for any secure deployment, what benefit is there to try and find >>> further examples of what can be mandated if none of the mandates >>> would meaningfully change the end result? >> >>  

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Alan DeKok
On Jul 10, 2018, at 11:42 AM, Andrej Ota wrote: > Agreed. We (authors) were trying to put in more of the background as to what > are the threats for this reason - empowering those who need to deploy the > protocol to make the correct call. > > Though I'd flip this and put emphasis on what behav

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Andrej Ota
On 07/10/2018 03:48 PM, Alan DeKok wrote: On Jul 10, 2018, at 10:11 AM, Andrej Ota wrote: Actually, both PAP and CHAP are irrelevant in this case. If Eve is in a position to intercept TACACS+ traffic, she can flip a single bit in the authentication response and that will ensure that the de

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Alan DeKok
On Jul 10, 2018, at 10:11 AM, Andrej Ota wrote: > Actually, both PAP and CHAP are irrelevant in this case. If Eve is in a > position to intercept TACACS+ traffic, she can flip a single bit in the > authentication response and that will ensure that the device (client) will > consider authenticat

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Andrej Ota
On 07/10/2018 12:34 PM, Alan DeKok wrote: On Jul 10, 2018, at 3:52 AM, Andrej Ota wrote: Could it be that we misunderstood each other as to what b) pertains to? a) is obviously wrong as we certainly don't have to stop at documenting current practices or even care about current practices i

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Alan DeKok
On Jul 10, 2018, at 3:52 AM, Andrej Ota wrote: > > Could it be that we misunderstood each other as to what b) pertains to? a) is > obviously wrong as we certainly don't have to stop at documenting current > practices or even care about current practices if they result in an insecure > deployme

Re: [OPSAWG] R: Notification of the new draft of "Coordinated Address Space Management architecture"

2018-07-10 Thread Fioccola Giuseppe
Hi Chongfeng, Thank you for including my remarks to the new revision of the draft. I will help with further comments and suggestions. Best Regards, Giuseppe From: xiechf@chinatelecom.cn [mailto:xiechf@chinatelecom.cn] Sent: martedì 10 luglio 2018 10:18 To: Fioccola Giuseppe ; opsawg Su

Re: [OPSAWG] R: Notification of the new draft of "Coordinated Address Space Management architecture"

2018-07-10 Thread xiechf....@chinatelecom.cn
Hi, Giuseppe, The use case you raised has been added to the new draft which has been submitted by Chen Li, thank you. We are looking forward to receiving further comments and suggestions from you. Chongfeng xiechf@chinatelecom.cn From: Fioccola Giuseppe Date: 2018-04-18 16:45 To: xiec

Re: [OPSAWG] TACACS+ information Draft Security Recommendations refactor

2018-07-10 Thread Andrej Ota
On 10/07/2018 01:58, Alan DeKok wrote: On Jul 9, 2018, at 5:51 PM, Andrej Ota wrote: Is it worth asking everyone or even expecting anyone to migrate to new-improved-and-still-insecure revision of T+ that requires exactly the same amount of operational solutions to secure deployment? Is an

Re: [OPSAWG] Action Items on TACACS+ informational draft v 10

2018-07-10 Thread Andrej Ota
On 10/07/2018 02:56, Alan DeKok wrote: On Jul 9, 2018, at 9:17 PM, Scott O. Bradner wrote: imo - documenting existing practice is not the same thing as “rubber stamping” Perhaps my messages were unclear. I'm not opposed to *documenting* existing practices. I'm opposed to *endorsing