ccamp-9----Page:4
1 2 3 4 5 6 7 8 9 10
|
4 Comments received for 00 draft (1) Important work and a good start, encourage the WG to take it up as a work item. Scope: there may be cases in which insider threats are important The stance of not inventing security protocols or methods is entirely correct, but there are times when it may be important to say how certain security methods are used: what options to choose or otherwise. The design team may want to look at RFC 4230, RSVP Security Properties. The important security guidelines on DoS, which cannot be totally prevented, are to be able to filter at line speed and not to be an amplifier of attacks. The document says that encryption is expensive. This is generally not as true as it once was (1980s, e.g.), but sometimes it's not encryption but just cryptographic integrity that's needed, which is even less expensive. The key management is important, neglected, and harder. The document needs to spend more time on IKE than IPsec, instead of vice versa. |