Re: IESG feedback on core drafts.

To: ietf-ssh%netbsd.org@localhost
Subject: Re: IESG feedback on core drafts.
From: Simon Tatham <anakin%pobox.com@localhost>
Date: Fri, 14 Mar 2003 14:58:58 +0000

RJ Atkinson <rja%extremenetworks.com@localhost> wrote:

> Generally speaking, the goal of the Security Considerations section
> ought to be to:
[...]
>     - leave the reader of the document with a clear and accurate
>       understanding of what the deployment risks are, so that
>       an operator/user can make an informed decision about
>       whether to deploy/use the technology in the RFC

Quite so. And hence, if PK authentication is a useful means of
mitigating host key risks in some but not all situations, it seems
important to the reader's clear and accurate understanding that they
should be aware of which situations are which.

Cheers,
Simon
-- 
Simon Tatham         "I'm cross. I'm going to have a tantrum.
<anakin%pobox.com@localhost>    <pause> How do I start?"            - my uncle

References:
- Re: IESG feedback on core drafts.
  - From: RJ Atkinson

Prev by Date: Re: IESG feedback on core drafts.
Next by Date: Re: IESG feedback on core drafts.
Previous by Thread: Re: IESG feedback on core drafts.
Next by Thread: Re: IESG feedback on core drafts.
Indexes:

Home | Main Index | Thread Index | Old Index