On 7/31/12 11:26 AM, Melinda Shore wrote:
As I mentioned earlier I am not particularly a fan of getting
a security framework out in front of a protocol framework. While
security needs to be designed in from the outset, it also needs
to be closely coupled to the actual mechanisms being used.
I'm also concerned about the whole "trusted network" thing. I
think that if you're going to continue to hang onto it (and I'd
really rather that you did not), you should probably explain in the
document that one of your starting assumptions is that there
are no insider threats.
I'm reasonably certain that assuming the underlying network is trusted
doesn't meet the segmentation requirements of a number of datacenter
applications in either single or multi-tennant deployments.
Melinda
_______________________________________________
nvo3 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nvo3
_______________________________________________
nvo3 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nvo3
