[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSEC MIBs?

To: Ran Atkinson <rja@inet.org>
Subject: RE: IPSEC MIBs?
From: Stephen Waters <Stephen.Waters@digital.com>
Date: Thu, 28 May 1998 09:15:46 +0100
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com


There is nothing to prevent IPSEC being used to protect the SNMP
management stream, I take it?
Steve.

Stephen Waters
DEVON, UK

National: 01548 551012 / 550474
International: 44 1548 551012 / 550474
Stephen.Waters@Digital.com 


-----Original Message-----
From:	Ran Atkinson [SMTP:rja@inet.org]
Sent:	Thursday, May 28, 1998 3:11 AM
To:	Stephen Waters
Subject:	Re: IPSEC MIBs? 


Doing a useful MIB for IPsec would tend to reduce the
security of an IPsec implementation to the min(IPsec security,
SNMP security).  The latter (SNMP Security) is generally
accepted to be weaker (especially pre-SNMPv3, but even
with SNMPv3 in place).  

I'd suggest that weakening the security of an implementation
of a security protocol is probably not a good global optimisation.

Ran

Follow-Ups:

RE: IPSEC MIBs?

From: Paul Koning <pkoning@xedia.com>

Prev by Date: Re: keying material
Next by Date: RE: SPI question
Prev by thread: Re: IPSEC MIBs?
Next by thread: RE: IPSEC MIBs?
Index(es):
- Main
- Thread