FWIW - I would be fine with wording changes on the lines of what Alissa is
suggesting. Mentioning network operations rather than network management is
more accurate actually in this case. What we usually call 'network management'
is part of the toolset needed to operate networks.
Regards,
Dan
-----Original Message-----
From: ietf [mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of Alissa
Cooper
Sent: Tuesday, December 10, 2013 8:06 PM
To: Jari Arkko; Stephen Farrell; Eliot Lear
Cc: IETF(_at_)ietf(_dot_)org
Subject: Re: [perpass] comments and questions for the group on draft-
farrell-perpass-attack-02
On 12/10/13 5:45 AM, "Jari Arkko" <jari(_dot_)arkko(_at_)piuha(_dot_)net>
wrote:
FWIW, I was never particularly fond of the text that talked about
network management and monitoring. I could probably personally live
with a broader statement only that said something like "where
technically feasible and can provide improved security in practical
deployments".
YMMV.
Perhaps "management" is a misnomer for the fundamental concern, which is
the ability to operate the network. The text that discusses management
could be made more accurate by instead discussing operation, e.g.:
OLD:
More limited-scope monitoring to assist with network management that
is required in order to operate the network or an application is not
considered pervasive monitoring.
NEW:
More limited-scope monitoring that
is required in order to operate the network or an application is not
considered pervasive monitoring.
OLD:
Making networks unmanageable in order to mitigate
pervasive monitoring would not be an acceptable outcome.
NEW:
Making networks inoperable in order to mitigate
pervasive monitoring would not be an acceptable outcome.
(Realizing that now is not the time to wordsmith, but just offering
examples that might address the concerns raised earlier in the thread by
Eliot and others.)
Alissa