5.1 Security Considerations for Implementers

Implementers who use ClusAPI Protocol version 2.0 will use an RPC authentication level that is appropriate for the data that is to be transferred to the cluster. For example, if sensitive data is written to the cluster registry by means of the ApiSetValue method, binding to the cluster by using RPC_C_AUTHN_LEVEL_PKT_PRIVACY (defined in [MS-RPCE] section 2.2.1.1.8) obscures the data to any node that was capturing data flow on the network.

Implementers who use ClusAPI Protocol version 3.0 will use an RPC authentication level of at least RPC_C_AUTHN_LEVEL_PKT_PRIVACY to ensure a level of privacy for sensitive data.

For more information, see section 2.1.