On 7 Nov 2012, at 00:41, Andrew Deason wrote: > I would have thought that a BIND connection could possibly allow > hijacking while still providing other security requirements (like > CLEAR). That would mean a BIND connection may or may not be allowable > here, depending on the underlying layer, which is why the reason for the > level requirement should perhaps be mentioned.
Given the lack of clear specification for the BIND level, I wonder if we should just remove it from this specification. If and when we find a need for it, we can write a new spec which covers all of these issues. Cheers, Simon _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
