Thanks Melinda, agreed. Thanks, Ramki
-----Original Message----- From: nvo3 [mailto:[email protected]] On Behalf Of Melinda Shore Sent: Thursday, December 05, 2013 5:55 PM To: [email protected] Subject: Re: [nvo3] comments on nvo3 security requirements draft On 12/5/13 3:50 PM, ramki Krishnan wrote: >>>REQ2: (Page 8) > This should recommend some authorization mechanisms such as md5 checksum. I agree with your other suggestions, but 1) I don't think a requirements document should be making specific technology recommendations, and 2) md5 provides some assurances about message integrity, but really has nothing to say about policy. In rereading the requirement I think it's actually not as clear as it could be although I think its intent is absolutely correct. I'd probably change the text to something along the lines of: "Before accepting a control packet, the device receiving the packet MUST verify that the device sending the request is authorized to make that request. This is a policy decision." Melinda _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3 _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
