On 22 Nov 2016, at 21:25, Michael StJohns <mstjohns(_at_)comcast(_dot_)net>
wrote:
Is it time to revise BCP72/RFC3522 to require we also address threats *from*
the protocols to the Internet as a whole?
Indeed. We did some of this in the security considerations of RFC 7252 (e.g.,
section 11.3 and 11.5). A catalog of issues to consider would certainly help
in writing future security considerations sections.
https://tools.ietf.org/html/rfc7252#section-11.3
https://tools.ietf.org/html/rfc7252#section-11.5
Grüße, Carsten