On Thu, Jan 11, 2018 at 11:03:30AM -0500, Kathleen Moriarty wrote: > Hi Juergen, > > Thank you very much for the additional information. This was very > helpful. Benoit and I discussed it a bit further on the telechat and > some text changes in the introduction and security considerations > section to provide some of this information for the reader will be > helpful. I got the explanations and appreciate them and from the > explanations, my discuss questions have been answered and I'll switch > this to a no objection leaving you and Benoit to add the text as > helpful for other readers. >
Kathleen, we propose to add this text to the security considerations: The origin metadata annotation exposes the origin of values in the applied configuration. Origin information may provide hints that certain control plane protocols are active on a device. Since origin information is tied to applied configuration values, it is only accessible to clients that have the permissions to read the applied configuration values. Security administrators should consider the sensitivity of origin information while defining access control rules. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
