On Wed, 7 Nov 2012, Jeffrey Hutzelman wrote:
On Wed, 2012-11-07 at 12:47 +0000, Simon Wilkinson wrote:
On 7 Nov 2012, at 00:41, Andrew Deason wrote:
I would have thought that a BIND connection could possibly allow
hijacking while still providing other security requirements (like
CLEAR). That would mean a BIND connection may or may not be allowable
here, depending on the underlying layer, which is why the reason for the
level requirement should perhaps be mentioned.
Given the lack of clear specification for the BIND level, I wonder if
we should just remove it from this specification. If and when we find a
need for it, we can write a new spec which covers all of these issues.
Sounds like a good plan to me.
No objection from me.
-Ben
_______________________________________________
AFS3-standardization mailing list
[email protected]
http://lists.openafs.org/mailman/listinfo/afs3-standardization
