[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MUST vs. SHOULD audit
I'm not taking much of a stand on the issue of whether or not auditing
should be required, it's more the form of the debate that is at issue.
> > Of course interoperability is the main point of the spec, but is the
> > discussion so far well-founded? I'm a little confused by the
> > responses --- most seem comfortable having the audit requirement
> > mentioned, as long as it's "should", but a "must" is declared out of
> > scope for a protocol specification. That doesn't seem logical; if
> > you're in for a "should", then you're in for a "must".
> Well, no. There's language in the drafts for "MUST", "SHOULD", and "MAY"
> for a reason. They're not all the same and being in for "SHOULD" does not
> make you in for "MUST".
No, I'm just saying that if a sentence containing "should" is in scope
then "must" also would be in scope.
> > I can appreciate the reasons for the "should" preference on grounds of
> > scope, but maybe the requirements for security protocol
> > implementations "should" be more stringent. Not so stringent as to
> > constitute denial of solution, but something more than an SEP* nod to
> > security technology that is not evident on-the-wire.
> I'm confused now. Are you saying that an implementation that implements
> all the mandatory transforms and the mandatory key management and
> interoperates with every other "IPsec compliant" implementation is itself
> not "IPsec compliant" because it doesn't do auditing?
I'm saying that it is an allowable outcome of group discussion.
Hilarie
References: