[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: drafty IPv6 security overview draft submitted

To: "Pekka Savola" <pekkas@netcore.fi>,<v6ops@ops.ietf.org>
Subject: RE: drafty IPv6 security overview draft submitted
From: "BAUDOT Alain FTRD/DMI/CAE" <alain.baudot@rd.francetelecom.com>
Date: Mon, 23 Jun 2003 17:28:48 +0200

Hi Pekka,

I think it is very valuable to point out such concrete and operational
issues, one may face thinking about how to deploy IPv6 securely and
safely (without disrupting existing services), as well.  
It seems actually that there 3 types of issues : issues due to the
protocol itself, issues due to transition/co-existence tools, and issues
due to the deployement that may be adopted. And I guess each type of
issue should have specic kind of answer.

Regards,
Alain.

> -----Message d'origine-----
> De : Pekka Savola [mailto:pekkas@netcore.fi]
> Envoye : vendredi 20 juin 2003 10:33
> A : v6ops@ops.ietf.org
> Objet : drafty IPv6 security overview draft submitted
> 
> 
> Hello all,
> 
> I just submitted a draft on IPv6 security overview.  It's quite raw 
> and badly structured, but I ran out of time (and I'm off for a few 
> days, back on Wednesday or so).
> 
> I've tried to describe at least briefly all the aspects 
> relating to IPv6 
> and IPv6 transition/co-existence I could quickly think of.  
> This could be 
> one basis for the security discussion in Vienna.
> 
> Please have a look at it at some point and send feedback.
> 
> Prior to it being formally posted, it can be read from:
> 
> http://www.netcore.fi/pekkas/ietf/draft-savola-v6ops-security-
overview-00.txt

Abstract

   The transition/co-existance from IPv4 to IPv4/IPv6 causes one to
   consider the security considerations of such a process.  In this
   memo, I try to give an overview of different aspects relating to
   IPv6: the notion of increased end-to-end transparency, implications
   of tunneling, the use of IPv4-mapped addresses, the considerations of
   IPv6 service piloting without firewalls, IPv6 protocol-specific
   issues, IPv6 transition/co-existence mechanism -specific issues,
   consequences of enabling IPv6 by default, and operational security
   issues when enabling IPv6 in the network infrastructure.


It's only about 8 pages or so :-)

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- RE: drafty IPv6 security overview draft submitted
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: draft-palet-v6ops-proto41-nat-00.txt
Next by Date: RE: draft-palet-v6ops-proto41-nat-00.txt
Previous by thread: Re: drafty IPv6 security overview draft submitted
Next by thread: RE: drafty IPv6 security overview draft submitted
Index(es):
- Date
- Thread