Dear Co-authors, Please find comments on the nvo3 security requirements draft below.
>>REQ2: (Page 8) This should recommend some authorization mechanisms such as md5 checksum. >>REQ3: (Page 8) >>b: The signaling packets SHOULD be encrypted. We believe encryption should be an optional feature, since encryption impacts performance. This is okay as long as Authentication (REQ1) and Authorization (REQ2) are met. >>5.1.1 Data Plane Need additional requirements for tenant performance isolation so that one errant tenant does not affect the other; for example, if one tenant is facing an abnormal amount of traffic due to a behavioral security threat such as DDoS attack, it should not affect the performance of other tenants in a virtualized environment. We would be glad to provide additional text for this. Thanks, Ramki & Anoop
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
