[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf
Subject:    RE: Storage over Ethernet/IP
From:       RJ Atkinson <rja () inet ! org>
Date:       2000-05-30 9:09:48
[Download RAW message or body]

At 18:02 29-05-00 , Dawson, Peter D wrote:
>is vulnerability and threat analysis part of the
>standardization process ??

YES (shouting intentional).

The "Security Considerations" section of every RFC ought to
contain vulnerability, threat analysis, risk mitigation,
and residual risk information.

Ran
rja@inet.org

[prev in list] [next in list] [prev in thread] [next in thread]