Hi Ian,
I will do as you suggested. An updated version will be submitted soon. Thanks again Yu From: Ian Farrer [mailto:[email protected]] Sent: Thursday, October 26, 2017 2:57 PM To: Yu Fu Cc: [email protected]; [email protected]; Yong Cui Subject: Re: WGLC for draft-ietf-softwire-map-mib-10 Hi Yu, Please see below. Thanks, Ian On 25. Oct 2017, at 11:28, Yu Fu <[email protected]> wrote: >g3. >Section 7 - States that there are a list of objects and their sensitivity / >vulnerability, but the list that follows only names the objects. No >vulnerability >information is included. [Yu]: It has a description as followed : “Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP” “Objects that reveal rule information of the MAP Domain: Various objects can reveal the rule information of the map domain. A curious outsider could monitor these to assess the number of rules and the IPv6 prefix performed in this domain. Further, an intruder could use the information to guess the address-sharing ratios of the ISPs.” [Yu]: The objects in the list reveal the rule information and are readable. So they are vulnerable. [if - OK. The current text isn’t very clear. Can I propose the following text as a replacement? Some of the MIB model's objects are vulnerable as the information which they hold may be used for targeting an attack against a MAP node (CE or BR). E.g., an intruder could use the information to help deduce the customer IPv4 and IPv6 topologies and address-sharing ratios in use by the ISP. The following is a list of the objects that have this vulnerability: ]
_______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
