Martin, thanks for the review. The first paragraph in the security considerations is following the security boilerplate for MIB modules that is posted here:
http://trac.tools.ietf.org/area/ops/trac/wiki/mib-security It seems I am actually missing this introductory paragraph: There are no management objects defined in this MIB module that have a MAX-ACCESS clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations. In general, I prefer to not change the boilerplate. Suggestions for boilerplate changes should be sent to the responsible AD (Benoit Claise) I think. /js On Mon, Aug 11, 2014 at 03:41:36PM -0700, Martin Thomson wrote: > I am the assigned Gen-ART reviewer for this draft. For background on > Gen-ART, please see the FAQ at > > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. > > Please resolve these comments along with any other Last Call comments > you may receive. > > Document:draft-ietf-6lo-lowpan-mib-03 > Reviewer: Martin Thomson > Review Date: 2014-08-11 > IETF LC End Date: 2014-06-22 > IESG Telechat date: (if known) > > Summary: Ready. > > Nits/editorial comments: > > Looks like the first paragraph of the Security Considerations was left > hanging. I looked and this sentence is a little confusing, since all > the MAX-ACCESS attributes are the same. > > I'm not sure that this is something that would concern me either. > Sure, SNMP provides an attacker a great feedback loop if they want to > learn what is going on, but that is something you trade off against > things like being able to do things like maintenance and all that > necessary stuff. -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
