Hi Stephen, all,
Stephen Farrell:
- section 6: I think I buy the argument that there are no
new security issues here but that's only true I think if the
security issues with route reflectors are somewhere (and if
those cover cases where crypto is not used to enforce the
"P" in VPN). Wouldn't a reference to something like that be
good here?
RFC4456, which specifies BGP route reflection has a security section
which merely states that it "does not change the underlying security
issues inherent in the existing IBGP", but which can be referenced
nonetheless.
OLD:
No new fundamental
security issues are introduced by ACCEPT_OWN.
proposed NEW:
No new fundamental security issues are introduced by ACCEPT_OWN,
beyond what is
already documented in "Security Considerations" sections of
RFC4271 and RFC4456.
Best,
-Thomas, as doc shepherd
_______________________________________________
BESS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/bess
