--On Friday, August 31, 2001 13:07 -0400
No problem - can whoever ends up doing the RFC make sure to include
that in the 'Security Considerations' section (or maybe even go so far as
to only allow passing LDAP key/value pairs if other means have been used
to authenticate the submitter)?

Of course. That's why we have a security considerations section.

Ned knows how to use the building blocks, Chris knows how, Larry knows
how, people keep claiming I know how - but I can think of a number of
vendors that *will* get it wrong unless they're specifically told "Here,
use one of these 3 blocks - don't use the green ones though, they need
purple ones too to make them fit..."

Unfortunately, the people who tend to get it wrong tend to be the same
people who don't read the security considerations section. While I
definitely support good security consideration sections describing fairly
concrete scenarios, we can't go so far as to explain how to build a secure
computer system in every RFC.