drafty IPv6 security overview draft submitted

[Pekka Savola <pekkas@netcore.fi>]

Hello all,

I just submitted a draft on IPv6 security overview.  It's quite raw 
and badly structured, but I ran out of time (and I'm off for a few 
days, back on Wednesday or so).

I've tried to describe at least briefly all the aspects relating to IPv6 
and IPv6 transition/co-existence I could quickly think of.  This could be 
one basis for the security discussion in Vienna.

Please have a look at it at some point and send feedback.

Prior to it being formally posted, it can be read from:

http://www.netcore.fi/pekkas/ietf/draft-savola-v6ops-security-overview-00.txt

Abstract

   The transition/co-existance from IPv4 to IPv4/IPv6 causes one to
   consider the security considerations of such a process.  In this
   memo, I try to give an overview of different aspects relating to
   IPv6: the notion of increased end-to-end transparency, implications
   of tunneling, the use of IPv4-mapped addresses, the considerations of
   IPv6 service piloting without firewalls, IPv6 protocol-specific
   issues, IPv6 transition/co-existence mechanism -specific issues,
   consequences of enabling IPv6 by default, and operational security
   issues when enabling IPv6 in the network infrastructure.


It's only about 8 pages or so :-)

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings