Nick,

> On Dec 8, 2015, at 8:07 AM, Nick Hilliard <[email protected]> wrote:
>> Where the security considerations outlined above are a concern, users of
>> this protocol should consider using Transport Layer Security [RFC5246]
>> to secure BMP.
> 
> This presupposes that there is a mechanism defined further up the document
> to support TLS.  STARTTLS looks like it would be messy because BMP is not a
> line-oriented ASCII format so any implementation would require some hack
> using information TLVs, i.e. it would be semantically different from every
> other STARTTLS implementation.  So it may be easier to use encrypted sockets.

Would you be willing to propose specific text? As I mentioned earlier, we 
presumably need specific text for the working group to evaluate, and of course 
if the consensus is for TLS we need specific text to update the document anyway.

Of course, if someone else wants to propose text, that would be fine too.

Thanks,

--John
_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow
