Yes, I found that document myself, but the document should clarify its terminology, or at least have a terminology section pointing to that other doc.
But I'm worried about the practical implications. *Any* IPv4 CPE today has some form of packet filtering, even if it's all mixed up with NAT. If we now declare it "advanced" and move it to a separate RFC, we will be signaling the industry that packet filtering on the CPE is "nice to have". IMHO that would be a big mistake. Big enough to slow down ISP adoption of IPv6.
Thanks,
Yaron
> -----Original Message-----
> From: Hemant Singh (shemant) [mailto:shemant@cisco.com]
> Sent: Wednesday, August 19, 2009 18:05
> To: Yaron Sheffer; v6ops@ops.ietf.org
> Cc: Wes Beebee (wbeebee)
> Subject: RE: New Version Notification for draft-ietf-v6ops-ipv6-cpe-
> router-01
>
> Yaron,
>
> This BIS document is part 2 of the IPv6 CPE Router Recommendations
> document. The first document is at
>
> http://www.ietf.org/id/draft-ietf-v6ops-ipv6-cpe-router-01.txt
>
> Please see last paragraph in section 1 of the draft above for explanation
> of the DEV and MEDIUM terms.
>
> This document does not try to define any new IPv6 security and instead
> points to the IPv6 simple security document. The only reason packet
> filtering has been defined as DEV is because it is described in more
> detail in the simple security document but the simple security document is
> Work in Progress (not an RFC yet). In general I agree with you that
> packet filtering is older than IPv6. Do appreciate one fact that given
> tunneled IPv6 data and new drafts in the area of changing IPv6 standards
> for firewall traversal has not agreed upon how to filter relevant IPv6
> data. That is where some more of DEV behavior gets into packet filtering
> for IPv6.
>
> Hemant
>
> -----Original Message-----
> From: Yaron Sheffer [mailto:yaronf@checkpoint.com]
> Sent: Wednesday, August 19, 2009 10:50 AM
> To: Hemant Singh (shemant); v6ops@ops.ietf.org
> Cc: Wes Beebee (wbeebee)
> Subject: RE: New Version Notification for draft-ietf-v6ops-ipv6-cpe-
> router-01
>
> Hi Hemant,
>
> I took a quick look at the BIS document, and it is not self explanatory.
> What does "DEV" mean? What does "MEDIUM" mean? A terminology section would
> be appreciated.
>
> Do we really consider packet filtering (a technology older than IPv6 :-)
> to be "under development"? How does this document relate to the "simple
> security" draft?
>
> Thanks,
> Yaron
>
> > -----Original Message-----
> > From: owner-v6ops@ops.ietf.org [mailto:owner-v6ops@ops.ietf.org] On
> Behalf
> > Of Hemant Singh (shemant)
> > Sent: Wednesday, August 19, 2009 0:19
> > To: v6ops@ops.ietf.org
> > Cc: Hemant Singh (shemant); Wes Beebee (wbeebee)
> > Subject: FW: New Version Notification for draft-ietf-v6ops-ipv6-cpe-
> > router-01
> >
> > Folks,
> >
> > This is the last version of the IPv6 CPE Router Recommendations with I
> and
> > Wes as authors. The next revision will include Ole Troan and Chris
> Donley
> > as co-authors.
> > Since San Francisco IETF in Spring 2009, a decision was made to split up
> > the document into two. The second document has also been posted today
> as
> > draft-wbeebee-v6ops-ipv6-cpe-router-bis-00.txt.
> >
> > Hemant
> >
> > -----Original Message-----
> > From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org]
> > Sent: Tuesday, August 18, 2009 5:05 PM
> > To: Hemant Singh (shemant)
> > Cc: Wes Beebee (wbeebee)
> > Subject: New Version Notification for draft-ietf-v6ops-ipv6-cpe-router-
> 01
> >
> >
> > A new version of I-D, draft-ietf-v6ops-ipv6-cpe-router-01.txt has been
> > successfuly submitted by Hemant Singh and posted to the IETF repository.
> >
> > Filename: draft-ietf-v6ops-ipv6-cpe-router
> > Revision: 01
> > Title: IPv6 CPE Router Recommendations
> > Creation_date: 2009-08-18
> > WG ID: v6ops
> > Number_of_pages: 21
> >
> > Abstract:
> > This document recommends IPv6 behavior for Customer Premises
> > Equipment (CPE) routers in Internet-enabled homes and small offices.
> > The CPE Router may be a standalone device. The CPE Router may also
> > be embedded in a device such as a cable modem, DSL modem, cellular
> > phone, etc. This document describes the router portion of such a
> > device. The purpose behind this document is to provide minimal
> > functionality for interoperability and create consistency in the
> > customer experience and satisfy customer expectations for the device.
> > Further, the document also provide some guidance for implementers to
> > expedite availability of IPv6 CPE router products in the marketplace.
> > It is expected that standards bodies other than the IETF developing
> > standards for specific products in this area (e.g. CableLabs
> > eRouter, Broadband Forum, Home Gateway Initiative, etc.) may
> > reference this work for basic functionality and provide value-added
> > or linktype-specific customizations and enhancements which are beyond
> > the scope of this document.
> >
> >
> >
> > The IETF Secretariat.
> >
> >
> > �jy�u����$>���:-jT�r��!���
> IƧ��[�(^rC�{S�֥I�.�+r�^��
Attachment:
smime.p7s
Description: S/MIME cryptographic signature