[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: zeroconf draft Editorial
Hi Pekka,
Thanks a lot for your comments.
I shall try to mend the wording in the appropriate places.
BR, Karen
>
> editorial
> ---------
>
> Tunnel endpoint:
> A dual-stack node performing IPv6-in-IPv4 tunnel
> encapsulation/decapsulation in accordance with zero-configuration
> tunneling.
>
> ==> is Tunnel Server also a Tunnel endpoint? That is, should
> we define
> "Tunnel Client" as well if tunnel endpoint is meant to be a
> generic term?
>
> Tunnel Server:
> A dual-stack server node with native IPv6 connectivity and which
> provides IPv6 connectivity to client nodes by performing
> IPv6-in-IPv4
> tunnel encapsulation/decapsulation to/from client nodes in
> accordance
> with zero-configuration tunneling.
>
> ==> as a pedantical note, native v6 connectivity is not a
> strict requirement
> for the tunnel server. It could very well get its v6
> connectivity through
> v6-in-v4 tunnels, right?
>
> extendable to outer encapsulation mechanisms, e.g., IPv4-in-IPv6.
>
>
> ==> s/outer/other/
>
> - Network infrastructure nodes cannot in an attempt to
> protect the
> end-hosts by default filter out intra-site (i.e. internally
> sourced and destined) ipv6-in-ipv4 tunneled packets.
> - As the tunnel service is un-authenticated (not registered) the
> tunnel server may be usable to reflect tunneled
> packets into the
> network, similar to the 6to4-reflection attacks identified in
> Error! Reference source not found..
> - The usage of zero-configuration tunneling may open up for
> threats to other mechanisms in the network that rely
> on proto-41
> encapsulation.
>
> ==> could these be reworded slightly? In each "bullet",
> there appear to be
> a few grammatical errors which make it difficult to
> understand the intent of
> the bullets.
>
> In order for an end-host deploying zero-configuration tunneling to
> trust that packets it perceives as stemming from tunnel servers do
> actually also stem form such as well as for the end-host
> to trust on
> the benevolence of its tunnel servers it suffices that a
> sufficiently
> trustworthy tunnel server end-point discovery mechanism, read
> discovery of benevolent tunnel servers IPv4 address(es), is
> implemented.
>
> ==> I had hard time parsing the first lines of this loooong sentence
>
> 10. Authors Contact Information
>
> ==> "Authors' Addresses"
>
> 11. References
>
>
> ==> splitting the refs to normative/informative might not hurt..
>
>
>
>
> --
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>