Re: [midcom] security recommendations in MIDCOM MIB draft

Melinda Shore <mshore@cisco.com> Fri, 13 July 2007 14:39 UTC

Return-path: <midcom-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9MJF-00061t-JJ; Fri, 13 Jul 2007 10:39:53 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9MJC-0005z3-QY for midcom@ietf.org; Fri, 13 Jul 2007 10:39:50 -0400
Received: from rtp-iport-2.cisco.com ([64.102.122.149]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I9MJ7-00048s-Kt for midcom@ietf.org; Fri, 13 Jul 2007 10:39:50 -0400
Received: from rtp-dkim-2.cisco.com ([64.102.121.159]) by rtp-iport-2.cisco.com with ESMTP; 13 Jul 2007 10:39:29 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ao8CAGMrl0ZAZnmf/2dsb2JhbAA
X-IronPort-AV: i="4.16,537,1175486400"; d="scan'208"; a="125982028:sNHT369795476"
Received: from rtp-core-1.cisco.com (rtp-core-1.cisco.com [64.102.124.12]) by rtp-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l6DEdS81015580; Fri, 13 Jul 2007 10:39:28 -0400
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by rtp-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l6DEdF6o022143; Fri, 13 Jul 2007 14:39:28 GMT
Received: from xmb-rtp-205.amer.cisco.com ([64.102.31.59]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 13 Jul 2007 10:39:15 -0400
Received: from 10.86.115.66 ([10.86.115.66]) by xmb-rtp-205.amer.cisco.com ([64.102.31.59]) via Exchange Front-End Server email.cisco.com ([64.102.31.38]) with Microsoft Exchange Server HTTP-DAV ; Fri, 13 Jul 2007 14:39:12 +0000
User-Agent: Microsoft-Entourage/11.3.3.061214
Date: Fri, 13 Jul 2007 10:39:10 -0400
Subject: Re: [midcom] security recommendations in MIDCOM MIB draft
From: Melinda Shore <mshore@cisco.com>
To: Wes Hardaker <wjhns1@hardakers.net>
Message-ID: <C2BD06CE.257DA%mshore@cisco.com>
Thread-Topic: [midcom] security recommendations in MIDCOM MIB draft
Thread-Index: AcfFW5Lc0TXISDFOEdyO5AAKleNSdA==
In-Reply-To: <sdk5t4flsk.fsf@wes.hardakers.net>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-OriginalArrivalTime: 13 Jul 2007 14:39:16.0101 (UTC) FILETIME=[967FEB50:01C7C55B]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=501; t=1184337568; x=1185201568; c=relaxed/simple; s=rtpdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mshore@cisco.com; z=From:=20Melinda=20Shore=20<mshore@cisco.com> |Subject:=20Re=3A=20[midcom]=20security=20recommendations=20in=20MIDCOM=2 0MIB=20draft |Sender:=20 |To:=20Wes=20Hardaker=20<wjhns1@hardakers.net>; bh=PAYO52b0rNvhFSsGAHBbtItlDrcXDQtsSoxiM1M8UmU=; b=TKQTMCX4rWKKamu7kIqsXyi/j5ym3YDylWCjYxzt4S6UdcFnBcjDdANve2RM9PU9pxrGNE3t uzvy1UBWS9KWQrKeFcE02gNBQh4iaa4r+BkI615Jvyjo2umkYPWDAHdX;
Authentication-Results: rtp-dkim-2; header.From=mshore@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim2001 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de
Cc: midcom@ietf.org, Tim Polk <tim.polk@nist.gov>
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: midcom.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>
Errors-To: midcom-bounces@ietf.org

On 7/13/07 9:58 AM, "Wes Hardaker" <wjhns1@hardakers.net> wrote:
> MIBCOM devices MUST implement SNMPv3 to allow for operators to rely on
> it's features in order to protect their traffic.  Operators should use
> make use of SNMPv3, other protocols providing cryptographic protection
> or physical separation to to ensure MIBCOM traffic is secured.

Yes, that's pretty much where I am, too (note that it's actually
"midcom," although "mibcom" is a pretty great portmanteau jobbie).

Melinda

_______________________________________________
midcom mailing list
midcom@ietf.org
https://www1.ietf.org/mailman/listinfo/midcom