[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MUST vs. SHOULD audit

To: rja@inet.org (Ran Atkinson)
Subject: Re: MUST vs. SHOULD audit
From: Uri Blumenthal <uri@watson.ibm.com>
Date: Thu, 3 Apr 1997 09:14:03 -0500 (EST)
Cc: ipsec@tis.com
In-Reply-To: <Chameleon.859998419.rja@c8-a.snvl1.sfba.home.com> from "Ran Atkinson" at Apr 2, 97 05:18:56 pm
Reply-To: uri@watson.ibm.com
Sender: owner-ipsec@ex.tis.com

Ran Atkinson says:
> As you note, auditing is an important property of an IPsec implementation

It may be an important property of the IMPLEMENTATION, but why do
people insist it should be STANDARDIZED?! You want it - implement
it. Does it have to be exactly like mine?

> [1] In the absence of SNMP security, an SNMP trap is not the best choice
>     for security-related logging, IMHO.

I dislike this. It's absent in almost the same sense as IPSEC is absent.
There were and are working models, some of them are deployed, the work
is still going on.
-- 
Regards,
Uri		uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>

References:

Re: MUST vs. SHOULD audit

From: Ran Atkinson <rja@inet.org>

Prev by Date: RE: MUST vs. SHOULD audit
Next by Date: Re: auditing
Prev by thread: Re: MUST vs. SHOULD audit
Next by thread: Re: MUST vs. SHOULD audit
Index(es):
- Main
- Thread