RE: Storage over Ethernet/IP

At 18:02 29-05-00 , Dawson, Peter D wrote:

is vulnerability and threat analysis part of the
standardization process ??


YES (shouting intentional).

The "Security Considerations" section of every RFC ought to
contain vulnerability, threat analysis, risk mitigation,
and residual risk information.

Ran
rja(_at_)inet(_dot_)org

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Storage over Ethernet/IP, (continued) RE: Storage over Ethernet/IP, Vernon Schryver Re: Storage over Ethernet/IP, Robert G. Ferrell Re: Storage over Ethernet/IP, Steven M. Bellovin RE: Storage over Ethernet/IP, Dawson, Peter D Re: Storage over Ethernet/IP, Keith Moore RE: Storage over Ethernet/IP, RL 'Bob' Morgan Re: Storage over Ethernet/IP, Steven M. Bellovin RE: Storage over Ethernet/IP, Dawson, Peter D RE: Storage over Ethernet/IP, Scott Bradner RE: Storage over Ethernet/IP, Harald Tveit Alvestrand RE: Storage over Ethernet/IP, RJ Atkinson <=