[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-v6ops-teredo-security-concerns-02



Dave Thaler wrote:
While almost all of the points in this document are valid,
I have many comments (66 of them, not including the grammatical
corrections) on the text in this document.
Attached is a PDF with my comments in context.

My most general feedback can be summed up with:

It would be better to either recast this document as a "Tunnel
Security Concerns" document, or to split it into two docs or
sections, one for Teredo and one for generic tunneling issues.
Personally, I would find it most useful as two separate docs,
so that the first can be referenced from other "<blah> Security
Concerns" docs that might be specific to other tunneling protocols.
As is, I believe the current doc organization is harmful in two respects:
1) It may lead people to people that other tunneling protocols are
more secure than they really are if they believe the lack of a
similar statement/document means they don't have the problem.
2) It creates more work for the IETF when doing a "<blah> security
Concerns" document for another tunneling protocol, since all the
same points have to be repeated.

Dave,

I suspect it isn't tunneling in general that has these issues. For instance, I don't see these issues in RFC 4213.

Thus I think the class is restricted to tunneling protocols that are designed to bypass NAT boxes, since in many cases that means they also bypass the firewalls. Example protocols are IPsec (IKE/ESP) over UDP, IP over SSH or SSL. At least those examples are associated with a protocol providing some security, but there are probably other tunneling protocols designed to bypass NATs using UDP that do not come with required security.

But my point is that the class is smaller than all tunneling protocols.

    Erik