RE: [Bridge-mib] Begin WG Last Call - draft-ietf-bridge-8021x-00.txt

"Romascanu, Dan (Dan)" <dromasca@avaya.com> Wed, 11 December 2002 13:01 UTC

From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
To: Les Bell <Les_Bell@eur.3com.com>, bridge-mib@ietf.org

As the scope of this document is to produce a replica of the MIB defined in the IEEE document, I will not refer my comments to the MIB itself, but to the surrounding IETF-ish envelope. I have one fundamental issue, and a few editorials.

The fundamental one: I think that the Security Considerations section is much too weak, taking into account the scope of the IEEE 802.1X standard. We need to fix this before it gets under the IESG scrutiny. The security section needs to mention the fact that the standard modeled by this MIB has a strong security functionality. It needs to list explicitly the objects with MAX-ACCESS of read-write or read-create that, if potentially written by a malicious attacker, can endanger the security by allowing access to the layer 2 network by unauthorized users. It also needs to mention that some of the objects (even of those with MAX-ACCESS clause of read-only), if exposed, can allow for security holes in the access to the network to be exposed to unauthorized viewers.

Now the editorial issues:
1. page 3, section 2 - the second paragraph seems broken in syntax, and content - Source Route and transparent are not modes, but rather methods. They happen to be the ones standardized in IEEE 802, but there are at least two other methods (translation and encapsulation) which are not covered by IEEE 802 standards.
2. Formatting of section 3, paragraph 1 seems broken
3. Same for section 3.1
4. The numbering of some of the objects (9.4.3, 9.4.4, etc.) in section 3.1 seems out of context
5. Section 3.3 and following - the term 'System' is used here, without a clear explanation of what it means
6. I think that it would help to define shortly (or at least refer to the IEEE standard) the supplicant and authenticator
7. Section 3.6 - there seems to be a misspelling of an object name referred from RFC 2863
8. Section 6 - IEEE is duplicated
9. Section 7 - need to divide references into normative and non-normative.

Thanks,

Dan


> -----Original Message-----
> From: Les Bell [mailto:Les_Bell@eur.3com.com]
> Sent: Tuesday, November 26, 2002 5:24 PM
> To: bridge-mib@ietf.org
> Subject: [Bridge-mib] Begin WG Last Call - draft-ietf-bridge-8021x-00.txt
>
> Hi,
>
> The Bridge MIB WG has completed work on the "Definitions for Port Access Control
> (IEEE 802.1X) MIB".  This memo proposes to re-publish the Port Access Entity
> MIB, as defined in IEEE 802.1X, in an Informational RFC, for the convenience of
> the IETF community.
>
> The WG proposes that the I-D 'draft-ietf-bridge-8021x-00.txt' is the completed
> version of this document. The WG members are strongly urged to review this
> document as soon as possible, and express any concerns, or
> identify any errors, in an email to the Bridge MIB WG mailing list.
>
> Unless there are strong objections, published on the WG mailing list by December
> 11, 2002, this document will be forwarded to the OPS Area Directors for
> consideration to publish as an Informational RFC.
>
> Please send all comments to the WG mailing list at bridge-mib@ietf.org.
> 
> Thanks,
> Les...
> 
> 
> _______________________________________________
> Bridge-mib mailing list
> Bridge-mib@ietf.org
> https://www1.ietf.org/mailman/listinfo/bridge-mib
> 