[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: drafty IPv6 security overview draft submitted

To: BAUDOT Alain FTRD/DMI/CAE <alain.baudot@rd.francetelecom.com>
Subject: RE: drafty IPv6 security overview draft submitted
From: Pekka Savola <pekkas@netcore.fi>
Date: Fri, 4 Jul 2003 15:05:19 +0300 (EEST)
Cc: v6ops@ops.ietf.org
In-reply-to: <C691E039D3895C44AB8DFD006B950FB4015451C9@lanmhs50.rd.francetelecom.fr>

Hi, (sorry for delay..)

On Mon, 23 Jun 2003, BAUDOT Alain FTRD/DMI/CAE wrote:
> I think it is very valuable to point out such concrete and operational
> issues, one may face thinking about how to deploy IPv6 securely and
> safely (without disrupting existing services), as well.  
>
> It seems actually that there 3 types of issues : issues due to the
> protocol itself, issues due to transition/co-existence tools, and issues
> due to the deployement that may be adopted. And I guess each type of
> issue should have specic kind of answer.

I agree that this characterization seems reasonable.  It's sometimes 
difficult to draw the line, especially between the first two, though.

> > -----Message d'origine-----
> > De : Pekka Savola [mailto:pekkas@netcore.fi]
> > Envoye : vendredi 20 juin 2003 10:33
> > A : v6ops@ops.ietf.org
> > Objet : drafty IPv6 security overview draft submitted
> > 
> > 
> > Hello all,
> > 
> > I just submitted a draft on IPv6 security overview.  It's quite raw 
> > and badly structured, but I ran out of time (and I'm off for a few 
> > days, back on Wednesday or so).
> > 
> > I've tried to describe at least briefly all the aspects 
> > relating to IPv6 
> > and IPv6 transition/co-existence I could quickly think of.  
> > This could be 
> > one basis for the security discussion in Vienna.
> > 
> > Please have a look at it at some point and send feedback.
> > 
> > Prior to it being formally posted, it can be read from:
> > 
> > http://www.netcore.fi/pekkas/ietf/draft-savola-v6ops-security-
> overview-00.txt
> 
> Abstract
> 
>    The transition/co-existance from IPv4 to IPv4/IPv6 causes one to
>    consider the security considerations of such a process.  In this
>    memo, I try to give an overview of different aspects relating to
>    IPv6: the notion of increased end-to-end transparency, implications
>    of tunneling, the use of IPv4-mapped addresses, the considerations of
>    IPv6 service piloting without firewalls, IPv6 protocol-specific
>    issues, IPv6 transition/co-existence mechanism -specific issues,
>    consequences of enabling IPv6 by default, and operational security
>    issues when enabling IPv6 in the network infrastructure.
> 
> 
> It's only about 8 pages or so :-)
> 
> 

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

References:
- RE: drafty IPv6 security overview draft submitted
  - From: "BAUDOT Alain FTRD/DMI/CAE" <alain.baudot@rd.francetelecom.com>

Prev by Date: RE: drafty IPv6 security overview draft submitted
Next by Date: Re: drafty IPv6 security overview draft submitted
Previous by thread: RE: drafty IPv6 security overview draft submitted
Next by thread: RE: drafty IPv6 security overview draft submitted
Index(es):
- Date
- Thread