[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authmeth question: definition of "sensitive"

To: ietf-ldapbis@OpenLDAP.org
Subject: Re: authmeth question: definition of "sensitive"
From: Jeff.Hodges@KingsMountain.com
Date: Mon, 19 Mar 2001 12:03:22 -0800
In-reply-to: "Roger Harrison" <RHARRISON@novell.com> 's message of Mon, 12 Mar 2001 23:05:24 -0700

RHARRISON@novell.com said:
> Section 2 paragaph 1 defines "sensitive" as "data that will cause real
> damage to the owner if revealed."     

> I propose that we change this
> definition to conform to the RECOMMENDED definition in RFC 2828
> (Internet Security Glossary): Information is sensitive if disclosure,
> alteration, destruction, or loss of the information would adversely
> affect the interests or business of its owner or user.   


I think this is fine, and..


> In general, I
> would like to ensure that our usage of security related terms in the
> authmeth draft conforms closely to the recommended definitions in RFC
> 2828.   

..I think this general rule-of-thumb is also good. 

In addition, when someone comes across the need to define a term that's not 
already in RFC 2828, they should submit a comment on 2828 to the SAAG list: 
saag@lists.tislabs.com



JeffH

Prev by Date: Re: IETF#50 LDAPbis Agenda (updated)
Next by Date: interoperability of ;binary
Index(es):
- Chronological
- Thread