On Tue, 30 Mar 2004, Markus Hofmann wrote:
- Section 8.2 discusses a threat introduced by using OPES for
wiretap, but according to RFC 2804, the "IETF has decided not to
consider requirements for wiretapping as part of the process for
creating and maintaining IETF standards."
Seems like removing this specific threat scenario from Section 8.2
will address this specific comment.
FWIW, I believe this comment should be addressed differently, by
adding the following text (or its polished version):
Following an IETF policy on Wiretapping [RFC2804], OPES
communication model does not consider wiretapping requirements.
Nevertheless, the documented threat is real, not obvious, and
OPES technology users operating in wiretapping or similar
logging environments should be aware of it.
Thank you,
Alex.