[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D Action:draft-ietf-v6ops-cpe-simple-security-08.txt

To: Cameron Byrne <cb.list6@gmail.com>
Subject: Re: I-D Action:draft-ietf-v6ops-cpe-simple-security-08.txt
From: james woodyatt <jhw@apple.com>
Date: Tue, 20 Oct 2009 08:13:18 -0700
Cc: IPv6 Operations <v6ops@ops.ietf.org>
In-reply-to: <bcff0fba0910192136j7e69f700v5eb32add1eca3767@mail.gmail.com>
References: <20091020004501.3FB293A6883@core3.amsl.com> <bcff0fba0910192136j7e69f700v5eb32add1eca3767@mail.gmail.com>

On Oct 19, 2009, at 21:36, Cameron Byrne wrote:


1.  I could not find the specific recommendation for disallowing
spoofed traffic by beans of uRPF like in RFC 3704

I suppose the draft would be improved by an explicit reference toreverse path forwarding and a cite to RFC 3704.


2.  Is management outside of scope?  For example, does  it make sense
to say that the WAN interface is by default not interface to be used
for management

That's a security consideration, so I'd say it would be in scope and aworthy point to mention. I'll update.



--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering

References:
- I-D Action:draft-ietf-v6ops-cpe-simple-security-08.txt
  - From: Internet-Drafts@ietf.org

Prev by Date: FW: New Version Notification for draft-jiang-v6ops-nc-protection-00
Next by Date: Fwd: New Version Notification for draft-qin-v6ops-icp-transition-00
Previous by thread: I-D Action:draft-ietf-v6ops-cpe-simple-security-08.txt
Next by thread: Building IPv6 Applications which Access IPv4 Servers - draft-wing-v6ops-v6app-v4server-00
Index(es):
- Date
- Thread