On Wed, 2012-11-07 at 12:47 +0000, Simon Wilkinson wrote: > On 7 Nov 2012, at 00:41, Andrew Deason wrote: > > I would have thought that a BIND connection could possibly allow > > hijacking while still providing other security requirements (like > > CLEAR). That would mean a BIND connection may or may not be allowable > > here, depending on the underlying layer, which is why the reason for the > > level requirement should perhaps be mentioned. > > Given the lack of clear specification for the BIND level, I wonder if > we should just remove it from this specification. If and when we find a > need for it, we can write a new spec which covers all of these issues.
Sounds like a good plan to me. _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
