RE: Storage over Ethernet/IP

is vulnerability and threat analysis part of the standardization
process ??


RFCs 2251-2256, which specify LDAPv3, carry a stern warning up front that
that these documents lack a standard mandatory-to-implement strong
authentication method, hence limiting the applicability of the protocol
(how much effect this warning has had in practice is hard to say, of
course).  New documents have been written that do indeed do a
vulnerability analysis, not in any great depth but enough to motivate the
mechanisms recommended to deal with the identified threats.  In particular
see RFC 2829 (which should appear any minute now,
draft-ietf-ldapext-authmeth-04.txt in the mean time).

 - RL "Bob"

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Storage over Ethernet/IP, (continued) RE: Storage over Ethernet/IP, Brian . Rubarts Re: Storage over Ethernet/IP, Keith Moore RE: Storage over Ethernet/IP, Brian . Rubarts Re: Storage over Ethernet/IP, Keith Moore RE: Storage over Ethernet/IP, Brian . Rubarts RE: Storage over Ethernet/IP, Vernon Schryver Re: Storage over Ethernet/IP, Robert G. Ferrell Re: Storage over Ethernet/IP, Steven M. Bellovin RE: Storage over Ethernet/IP, Dawson, Peter D Re: Storage over Ethernet/IP, Keith Moore RE: Storage over Ethernet/IP, RL 'Bob' Morgan <= Re: Storage over Ethernet/IP, Steven M. Bellovin RE: Storage over Ethernet/IP, Dawson, Peter D RE: Storage over Ethernet/IP, Scott Bradner RE: Storage over Ethernet/IP, Harald Tveit Alvestrand RE: Storage over Ethernet/IP, RJ Atkinson

Previous by Date:	Directed Broadcasts, Danny McPherson
Next by Date:	Free eCommerce Store, contact
Previous by Thread:	Re: Storage over Ethernet/IP, Keith Moore
Next by Thread:	Re: Storage over Ethernet/IP, Steven M. Bellovin
Indexes:	[Date] [Thread] [Top] [All Lists]