Re: [secdir] draft-shiomoto-ccamp-switch-programming-05
Tom Yu <tlyu@MIT.EDU> Mon, 22 August 2011 18:45 UTC
Return-Path: <tlyu@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65E8F21F87D9; Mon, 22 Aug 2011 11:45:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.155
X-Spam-Level:
X-Spam-Status: No, score=-104.155 tagged_above=-999 required=5 tests=[AWL=-0.556, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2QnVRw49lD4h; Mon, 22 Aug 2011 11:45:23 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (DMZ-MAILSEC-SCANNER-1.MIT.EDU [18.9.25.12]) by ietfa.amsl.com (Postfix) with ESMTP id C264421F893C; Mon, 22 Aug 2011 11:45:22 -0700 (PDT)
X-AuditID: 1209190c-b7bdeae000000a26-02-4e52a3c2e5ac
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 93.42.02598.2C3A25E4; Mon, 22 Aug 2011 14:45:22 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id p7MIkPoD021370; Mon, 22 Aug 2011 14:46:26 -0400
Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p7MIkHnp000106 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 22 Aug 2011 14:46:23 -0400 (EDT)
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9.20060308) id p7MIkHp4017471; Mon, 22 Aug 2011 14:46:17 -0400 (EDT)
To: Rob Austein <sra@hactrn.net>
References: <20110811054042.E18E03DA59E@minas-ithil.hactrn.net>
From: Tom Yu <tlyu@MIT.EDU>
Date: Mon, 22 Aug 2011 14:46:17 -0400
In-Reply-To: <20110811054042.E18E03DA59E@minas-ithil.hactrn.net> (Rob Austein's message of "Thu, 11 Aug 2011 01:40:42 -0400")
Message-ID: <ldvy5yl7092.fsf@cathode-dark-space.mit.edu>
Lines: 30
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrDIsWRmVeSWpSXmKPExsUixG6nrntocZCfwcZvIhbHdyxjtJjxZyKz xYeFD1kspmx9x+LA4tF25zKTx5IlP5k8vlz+zBbAHMVlk5Kak1mWWqRvl8CV8XrHcfaCnzwV G3ZvYW9gPMrVxcjJISFgIvHk2CtWCFtM4sK99WxdjFwcQgL7GCXudV2CcjYwSvScuM0M4Vxh kmju2cEI4XQxSrzZdZgdpF9EQEGi69A3JhCbWSBdYlXDcjYQW1jAQeL2yy1gNUIC9hKP9/Sz dDFycLAJSEscXVwGEmYRUJW4dvYn2BmcArUSkzdAtPIKWEgcP9UB1sojwCnx6OxlJoi4oMTJ mU9YIFZpSdz495JpAqPgLCSpWUhSCxiZVjHKpuRW6eYmZuYUpybrFicn5uWlFuka6uVmluil ppRuYgQFMqckzw7GNweVDjEKcDAq8fA+MAn0E2JNLCuuzD3EKMnBpCTKaw2MAyG+pPyUyozE 4oz4otKc1OJDjBIczEoivPd7gHK8KYmVValF+TApaQ4WJXHegzsc/IQE0hNLUrNTUwtSi2Cy MhwcShK89SBDBYtS01Mr0jJzShDSTBycIMN5gIYXg9TwFhck5hZnpkPkTzEqSonzRoEkBEAS GaV5cL2wRPOKURzoFWHeCpAqHmCSgut+BTSYCWjwhJUBIINLEhFSUg2MxrKPD9b016R5+7BU XP/MqyRnVHBiYbrmArl/uXLzktg2PmXP057UZjtHNrVhbfgyXqtgSb72hffvLnF7d0IiL6oi /w73pZuh5x7w5B612zVju9qkZBFhp/CljK0fuRYob9hZmFRjsNPmdZlHgqNA2O3/k6P43/33 uH0/wOA9Z/Y/dYOt8QlKLMUZiYZazEXFiQBM9DHkDwMAAA==
Cc: draft-shiomoto-ccamp-switch-programming.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] draft-shiomoto-ccamp-switch-programming-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Aug 2011 18:45:23 -0000
Rob Austein <sra@hactrn.net> writes: > The kicker here is the definition of "safe". As the subject is > traffic engineering, loss of money and data are of course issues, but > the more disturbing issue is that (according to the authors -- I have > no reason to disbelieve them but have not independently verified this) > there is a risk of bodily harm to "service personnel", because, for > some of the technologies that use this protocol, deciding to start > sending data equates to turning on lasers. I am not inclined to believe that this physical safety issue is severe. Having worked with lasers, though not network equipment that uses them, I can say that good general laser safety practices should substantially reduce the risk of injury to personnel. (e.g., safety eyewear; treating any aperture, fiber, etc. that is capable of emitting a laser beam as if it could do so at any moment; putting beam stops in place to protect against accidental exposure; etc.) IMHO, if the physical safety of your personnel relies substantially on the good behavior of some person or equipment located possibly thousands of miles away, your industrial hygiene program could use some improvement. It may be that prevailing practices in the industry are not as conservative, such that the advice about physical safety due to unexpected laser activation is warranted. (Are there operators here who could comment?) From a risk management perspective, I think it would be better for an operator to institute better laser safety practices locally. I believe optical patch panels with integral beam stops are available, for example.