Hi, KK, On 10/26/2012 06:43 PM, KK wrote: >> Agreed. But the I-D is not implying this attack scenario. -- Please do >> let me know if you think this is not clear, and, in such case, where/how >> I could improve the I-D. > > What might help is to make the scope a bit more explicit by providing > the example you just gave me - > > """the vulnerability being discussed does not really imply that > the attacker is able to get access to some resources he'd otherwise not > have access to, but rather that there's a traffic leakage. > > e.g., if the client employs some insecure protocol (e.g., that sends > user and password in the clear), he may think it's okay to use it over a > VPN. But with this attack, that user/pass could end up appearing in the > clear on the local network.""" > > Something as simple as the above text in either Section 1. or Section 4. > might really help.
Okay. I will incorporate this into the next rev. Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: [email protected] PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
