Cisco Systems NetFlow Services Export Version 9
Note: This ballot was opened for revision 08 and is now closed.
(Bert Wijnen) Yes
(Steven Bellovin) (was Discuss) No Objection
(Margaret Cullen) No Objection
(Ned Freed) No Objection
Comment (2004-01-03 for -)
I would have expected the risks of exposure of flow information to at least be mentioned in the security considerations section. We're talking about traffic analysis here, after all. Perhaps a reference to the discussion of these isssues in draft-ietf-ipfix-reqs-12.txt is in order?
(Russ Housley) (was Discuss) No Objection
(Allison Mankin) No Objection
Comment (2004-01-08 for -)
I think we should not lose sight of the goal here. Netflow has a ton of flaws, that's why the IPFIX WG exists. But it is probably useful for there to be a spec of netflow for the community. I suggest that this spec get published promptly with a note on it: This documents the original protocol. The IETF IPFIX WG is developing a new protocol meeting the same requirements, but also built with security and inherent congestion aware transport. We should give clarity suggestions, but not ask the authors to make technical changes...