> there's a question of scoping here: do you really want this > draft only to be applicable to cases when there's a high degree > of "trust" of all devices connected to a given overlay?
No. Working with the "untrusted" must be supported, it just means the security threats from the untreated need to be considered and mitigated. If only working in the trusted zone, there is much less needs to do the doc. Thanks, Luyuan > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Melinda Shore > Sent: Tuesday, July 17, 2012 4:10 PM > To: Luyuan Fang (lufang) > Cc: [email protected] > Subject: Re: [nvo3] FW: New Version Notification for draft-wei-nvo3- > security-framework-01.txt > > On 7/17/12 11:58 AM, Luyuan Fang (lufang) wrote: > > About the 'trusted', 'untrusted', they are not new. The terms are > > used in IETF RFCs/drafts all the time. I think it helps to first > > establish the reference points from which direction/zone the security > > threat are coming from, then talk about threads and requirements. > > They are, but to be honest I don't think I've seen them used like > this, anywhere. It was certainly the case that, for example, > rserpool tried to make similar assumptions about the security of > so-called "trusted networks" and was, uh, gently corrected. > > And as I mentioned the last time around, and was not answered, > there's a question of scoping here: do you really want this > draft only to be applicable to cases when there's a high degree > of "trust" of all devices connected to a given overlay? > > Melinda > _______________________________________________ > nvo3 mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/nvo3 _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
