
Re: WG Last Call: draft-ietf-v6ops-6to4-security-02.txt



Ready to ship, I agree, and a nice piece of work!

Minor nits:
- Missing opening bracket on text spanning page 8 bottom split.
- Delete 'the' in 'the Section' at start of 4.1.3
- Bottom of 4.3, remove the XXX line
- send-ndopt and psreq I-Ds now at draft 5, April 2004
- ISATAP is now at Draft 22

Minor comment:
- Should p.15 recommend against using the anycast source address?

Do we have field reports of 6to4 abuse to date?  (Curious if they are
recorded anywhere)

It seems many ISPs (NRENs, usually) simply avoid advertising 2002::/16
outside their border, or the IPv4 anycast address outside their border,
to limit their "traffic magnet".   I guess this is your model in 
Section 6.2, but you talk about 2002::/16 limitation, rather than the
IPv4 anycast limitation?   This is probably why most people see SWITCH's 
relay ;)   While there are enough "third party relays" (as you call them), 
the closed model still appears to work because of the current traffic
levels and available relays like SWITCH's.

It's not clear how many recommendations in your (very thorough!) draft 
are widely implemented - would be very interesting to know...

Tim


On Wed, Jun 02, 2004 at 01:40:49PM +0300, Pekka Savola wrote:
> Hi all,
> 
> (co-chair hat on)
> 
> This is the WG Last Call for comments on sending
> draft-ietf-v6ops-6to4-security-02.txt, "Security Considerations for
> 6to4" to the IESG for consideration as Informational:
> 
> http://www.ietf.org/internet-drafts/draft-ietf-v6ops-6to4-security-02.txt
> 
> Please review the document carefully, and send your feedback to the
> list.  Please also indicate whether or not you believe that this
> document is ready to go to the IESG.
> 
> The last call will end in 2 weeks, on 16th June.
> 
> Thanks!
> 
> 
>