Management Information Base for Intermediate System to Intermediate System (IS-IS)
RFC 4444
Note: This ballot was opened for revision 26 and is now closed.
(Bert Wijnen) Yes
Comment (2005-12-01 for -)
No email
send info
send info
W.r.t. the Security Considerations Section. After we saw the comment from the GEN-ART review, there was continued discussion between the MIB doctors if that section needed to elaborate and list the speicific objects with their specific vulnerabilities. In total there are some 64 writable objects that may need discussion (either separate or in chuncks). Russ has taken a DISCUSS on that and I think that the MIB doctors have rough consensus that it would be BETTER if indeed some more detail was given. Even if all 64 objects have the same sensitivity, even then it would be good to make such an explicit statement. But it is not clear that they indeed all have the same sensistivity and would all cause the same type of harm if changed in an unauthorized manner.
(Alex Zinin) Yes
(Brian Carpenter) No Objection
Comment (2005-11-22 for -)
No email
send info
send info
(From Gen-ART review by David Black) - Section 2, Overview: This document is provided to the IETF working group on IS-IS. It describes a management information base for the IS-IS Routing protocol as described in ISO 10589 [ISO10589], when it is used to construct routing tables for IP networks, as described in RFC 1195 [RFC1195]. Remove first sentence (will no longer be appropriate when this is published as an RFC0, and rephrase second to "This document describes ...". - Section 6, Acknowledgements: Was an extra "r" added to Chris Gunner's name? - Section 7, Security Considerations This is ok in its current form, although it would be improved with references to specific MIB tables/objects, even as examples of how uncontrolled write access could cause problems. The references are not essential, as the threat of uncontrolled write access is both obvious and compelling as described.