ccamp-9----Page:5
1 2 3 4 5 6 7 8 9 10
|
5 Comments received for 00 draft (2) OSPF (v2 and perhaps v3) and IS-IS (which is special because it doesn't run over IP) should also be considered in addition to BGP. Because SNMPv3 is mentioned, perhaps ISMS should be considered as well. Also, the section on reporting may wish to look at the new work in the Syslog WG, which is approaching or completing Last Calls, unless the DT has some other methods in mind. Define the trust domain scope - What are the boundaries? e.g. link ends, remote peers, areas, ASes How do you prove that you are in the domain? What are you allowed to do if you are in the domain? What are you allowed to do if you are outside the domain? If you are allowed to do something you are in *a* trust domain. So we need to define other trust domains such as inter-AS peering points. What can you assume everyone else in your domain does? The example here is that in an RSVP domain, you assume that the other members of the domain apply the same level of per-interface security as you do. |