On Fri, 23 Jan 2015 11:09:43 +0100 Johannes wrote: JM> I don't mean say that the issue is completely irrelevant, but just it JM> is not as severe as your post seems to imply. And given the JM> difficulties involved with a potential change, I doubt that it is worth. JM> JM> That said, I suggest to include a warning into the security JM> considerations of draft-hmac-sha-2-usm-snmp pointing to this issue and JM> recommending (generally) to use sufficiently strong passwords. RFC 3414 JM> already contains such a caveat but repeating it in the new JM> specification might help to draw attention to it.
+1 Robert -- Senior Software Engineer @ Parsons
pgpWve1KsoAmA.pgp
Description: OpenPGP digital signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
