While almost all of the points in this document are valid, I have many comments (66 of them, not including the grammatical corrections) on the text in this document. Attached is a PDF with my comments in context.

My most general feedback can be summed up with: It would be better to either recast this document as a "Tunnel Security Concerns" document, or to split it into two docs or sections, one for Teredo and one for generic tunneling issues. Personally, I would find it most useful as two separate docs, so that the first can be referenced from other "<blah> Security Concerns" docs that might be specific to other tunneling protocols.

As is, I believe the current doc organization is harmful in two respects:

1) It may lead people to believe that other tunneling protocols are more secure than they really are if they believe the lack of a similar statement/document means they don't have the problem.

2) It creates more work for the IETF when doing a "<blah> Security Concerns" document for another tunneling protocol, since all the same points have to be repeated.

-Dave
Attachment:
draft-ietf-v6ops-teredo-security-concerns-02.pdf