Re: [MIB-DOCTORS] Readable and MAXACCESS

Randy Presuhn <randy_presuhn@alumni.stanford.edu> Sat, 15 September 2018 00:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/mib-doctors/tMeFoAtgeE5QAeyzSLzCkpVoyVk>

Hi -

On 9/14/2018 4:45 PM, Glenn Mansfield Keeni wrote:
...
> Even with appropriate access control policy, if
> appropriate encryption is not used index objects may

Access control policy specifies whether encryption is to
be used.  See RFC 3415, look for "securityLevel" to find
explanations, and the vacmAccessSecurityLevel index into
vacmAccessTable for the actual configuration.  One cannot
(in VACM) specify an access control policy without
also specifying the securityLevel(s) to which that policy
applies.

...
> So, does the following sentence in the Security Guidelines
> for IETF MIB modules need rewording?
> 
>  >>     Some of the readable objects in this MIB module (i.e., objects
>  >>     with a MAX-ACCESS other than not-accessible) may be considered
>  >>     sensitive or vulnerable in some network environments.
> 
> Would the following be appropriate?
>       Some of the readable objects in this MIB module (i.e., objects
>       with a MAX-ACCESS other than not-accessible and objects that are
>       visible as indices) may be considered
>       sensitive or vulnerable in some network environments.
...

A simpler fix would be to change the "i.e." to "e.g."

Randy
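
Added illustration, not part of the original message: a simplified Python model of how a vacmAccessTable lookup (RFC 3415) ties the policy to the securityLevel of the request. The group names, view names and table rows are constructed, and view-subtree matching is left out.

```python
from dataclasses import dataclass
from typing import Optional

# securityLevel ordering used by VACM: noAuthNoPriv < authNoPriv < authPriv
LEVELS = {"noAuthNoPriv": 1, "authNoPriv": 2, "authPriv": 3}
ANY_MODEL = 0   # vacmAccessSecurityModel value meaning "any"
USM = 3         # User-based Security Model

@dataclass(frozen=True)
class AccessEntry:
    group: str           # vacmGroupName (index)
    context_prefix: str  # vacmAccessContextPrefix (index)
    model: int           # vacmAccessSecurityModel (index)
    level: str           # vacmAccessSecurityLevel (index): minimum level
    context_match: str   # vacmAccessContextMatch: "exact" or "prefix"
    read_view: str       # vacmAccessReadViewName

def select_read_view(table, group, context, model, level) -> Optional[str]:
    """Return the read view for a request, or None (no access entry)."""
    cands = [e for e in table
             if e.group == group
             and e.model in (model, ANY_MODEL)
             and LEVELS[e.level] <= LEVELS[level]   # entry's minimum is met
             and (e.context_prefix == context
                  or (e.context_match == "prefix"
                      and context.startswith(e.context_prefix)))]
    if not cands:
        return None
    # Preference order from the vacmAccessEntry description: matching
    # securityModel, exact context match, longest prefix, highest level.
    best = max(cands, key=lambda e: (e.model == model,
                                     e.context_prefix == context,
                                     len(e.context_prefix),
                                     LEVELS[e.level]))
    return best.read_view

# Constructed sample policy: sensitive objects only visible with encryption.
TABLE = [
    AccessEntry("ops", "", USM, "noAuthNoPriv", "exact", "systemOnly"),
    AccessEntry("ops", "", USM, "authPriv", "exact", "fullView"),
    AccessEntry("audit", "", ANY_MODEL, "authPriv", "exact", "fullView"),
]

if __name__ == "__main__":
    for lvl in LEVELS:
        print(lvl, select_read_view(TABLE, "ops", "", USM, lvl),
              select_read_view(TABLE, "audit", "", USM, lvl))
```
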