Re: [midcom] security recommendations in MIDCOM MIB draft
Lars Eggert <lars.eggert@nokia.com> Wed, 04 July 2007 06:30 UTC
Return-path: <midcom-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5yNZ-00039n-Ve; Wed, 04 Jul 2007 02:30:21 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5yNZ-00039h-3K for midcom@ietf.org; Wed, 04 Jul 2007 02:30:21 -0400
Received: from smtp.nokia.com ([131.228.20.172] helo=mgw-ext13.nokia.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I5yNY-00067O-Hd for midcom@ietf.org; Wed, 04 Jul 2007 02:30:21 -0400
Received: from esebh106.NOE.Nokia.com (esebh106.ntc.nokia.com [172.21.138.213]) by mgw-ext13.nokia.com (Switch-3.2.5/Switch-3.2.5) with ESMTP id l646TfvP006630; Wed, 4 Jul 2007 09:30:02 +0300
Received: from esebh104.NOE.Nokia.com ([172.21.143.34]) by esebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 4 Jul 2007 09:29:59 +0300
Received: from mgw-int01.ntc.nokia.com ([172.21.143.96]) by esebh104.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Wed, 4 Jul 2007 09:29:59 +0300
Received: from [172.21.34.161] (esdhcp034161.research.nokia.com [172.21.34.161]) by mgw-int01.ntc.nokia.com (Switch-3.2.5/Switch-3.2.5) with ESMTP id l646Tv7t015474; Wed, 4 Jul 2007 09:29:57 +0300
In-Reply-To: <6AFFE92CEE03A3E6C2E61771@753F3B888A9969457862729D>
References: <6AFFE92CEE03A3E6C2E61771@753F3B888A9969457862729D>
Mime-Version: 1.0 (Apple Message framework v752.3)
Message-Id: <01D6CAF6-5E1F-413B-843C-20BFB3D38F79@nokia.com>
From: Lars Eggert <lars.eggert@nokia.com>
Subject: Re: [midcom] security recommendations in MIDCOM MIB draft
Date: Wed, 04 Jul 2007 09:29:51 +0300
To: ext Juergen Quittek <quittek@netlab.nec.de>
X-Mailer: Apple Mail (2.752.3)
X-OriginalArrivalTime: 04 Jul 2007 06:29:59.0429 (UTC) FILETIME=[BED78350:01C7BE04]
X-Nokia-AV: Clean
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bdc523f9a54890b8a30dd6fd53d5d024
Cc: midcom@ietf.org, Tim Polk <tim.polk@nist.gov>, ops-ads@tools.ietf.org
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: midcom.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0968832431=="
Errors-To: midcom-bounces@ietf.org
On 2007-7-3, at 14:33, ext Juergen Quittek wrote: > Now, Tim suggests to explicitly deprecate the use of (insecure) > previous > versions of SNMP, for example with a phrase like > > "Deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. > Instead it is RECOMMENDED to deploy SNMPv3 and to enable > cryptographic security." > > Are there any opinions about adding such a phrase to the security > considerations? This is a general applicability statement on the use of various SNMP versions and extensions, which IMO isn't for MIDCOM to make, at least not without prior review by the OPS area. But given the well-known problems with older versions of SNMP, maybe there already is a statement by the OPS area to that effect that the MIDCOM draft can simply point to? Lars
_______________________________________________ midcom mailing list midcom@ietf.org https://www1.ietf.org/mailman/listinfo/midcom
- [midcom] security recommendations in MIDCOM MIB d… Juergen Quittek
- Re: [midcom] security recommendations in MIDCOM M… Lars Eggert
- Re: [midcom] security recommendations in MIDCOM M… Lars Eggert
- Re: [midcom] security recommendations in MIDCOM M… Magnus Westerlund
- Re: [midcom] security recommendations in MIDCOM M… Juergen Quittek
- Re: [midcom] security recommendations in MIDCOM M… Wes Hardaker
- Re: [midcom] security recommendations in MIDCOM M… Magnus Westerlund
- Re: [midcom] security recommendations in MIDCOM M… Melinda Shore
- Re: [midcom] security recommendations in MIDCOM M… Wes Hardaker
- Re: [midcom] security recommendations in MIDCOM M… Melinda Shore
- Re: [midcom] security recommendations in MIDCOM M… Wes Hardaker