Hi folk, We don’t have major objections to advance the document during the WGLC. As a result, before we advance the doc, we would encourage the authors to update a new version to address the minor comments.
Thanks so much for the Ian’s thorough review and the authors’ contribution. Yong > 在 2017年10月26日,14:57,Ian Farrer <ianfar...@gmx.com> 写道: > > Hi Yu, > > Please see below. > > Thanks, > Ian > >> On 25. Oct 2017, at 11:28, Yu Fu <f...@cnnic.cn> wrote: >> >> >g3. >> >Section 7 - States that there are a list of objects and their sensitivity / >> >vulnerability, but the list that follows only names the objects. No >> >vulnerability >> >information is included. >> >> [Yu]: It has a description as followed : >> “Some of the readable objects in this MIB module (i.e., objects with a >> MAX-ACCESS other than not-accessible) may be considered sensitive or >> vulnerable in some network environments. It is thus important to >> control even GET and/or NOTIFY access to these objects and possibly >> to even encrypt the values of these objects when sending them over >> the network via SNMP” >> “Objects that reveal rule information of the MAP Domain: Various objects can >> reveal the >> rule information of the map domain. A curious outsider could monitor >> these to assess the number of rules and the IPv6 prefix performed in >> this domain. Further, an intruder could use the information to guess >> the address-sharing ratios of the ISPs.” >> >> [Yu]: The objects in the list reveal the rule information and are readable. >> So they are vulnerable. > > > [if - OK. The current text isn’t very clear. Can I propose the following text > as a replacement? > > Some of the MIB model's objects are vulnerable as the information > which they hold may be used for targeting an attack against a MAP node (CE or > BR). > E.g., an intruder could use the information to help deduce the customer IPv4 > and IPv6 > topologies and address-sharing ratios in use by the ISP. > > The following is a list of the objects that have this vulnerability: > ] _______________________________________________ Softwires mailing list Softwires@ietf.org https://www.ietf.org/mailman/listinfo/softwires
