[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-v6ops-unman-scenarios-02.txt

To: iesg <iesg@ietf.org>
Subject: Re: draft-ietf-v6ops-unman-scenarios-02.txt
From: Randy Bush <randy@psg.com>
Date: Thu, 10 Jul 2003 12:23:31 +0200
References: <E19aGRU-00033h-Ac@roam.psg.com>

i can not find out from the minutes (maybe i can't read them well), it is
not in my notes, ...

i really need to know who has the comment or their comment will be lost!

randy

> i have lost who had the second comment!  help!
> 
> randy
> 
> ---
> 
> From: Pekka Savola <pekkas@netcore.fi>
> To: Randy Bush <randy@psg.com>
> cc: mrw@windriver.com, <bob@thefinks.com>
> Subject: Re: draft-ietf-v6ops-unman-scenarios-02.txt
> Date: Wed, 9 Jul 2003 12:47:11 +0300 (EEST)
> 
> Hi,
> 
> Has there been progress with the write-up of the second comment?
> 
> Thanks
> 
> On Thu, 26 Jun 2003, Randy Bush wrote:
> > in today's iesg call, draft-ietf-v6ops-unman-scenarios-02.txt was
> > reviewed.  there were two comments, one of which is written up now
> > and is appended.  the other will be coming shortly.
> > 
> > i believe that these comments will need a new rev of the docuemnt.
> > 
> > randy
> > 
> > ---
> > 
> > The Security Considerations of this document largely say that
> > security will be covered in a companion document, but there is a
> > short list of topics covered in this document.  This list should
> > add one that is very important to the unmanaged scenarios (related
> > to the recommendation in Section 5.1.2):
> > 
> > 
> >    Security considerations are discussed as part of the
> >    applications' requirements. They include:
> >    
> >    - the guarantee that local applications are only used locally,
> >    - the protection of the privacy of clients
> >    - the requirement that peer-to-peer connections are only used
> >      by authorized peers.
> > 
> > Applications in the unmanaged scenarios also need to be protected
> > from risks associated with the transition tools, for example,
> > access to their net through an opportunistic tunnel if the
> > IPv6-over-UDP service is not well-designed.  So I think that it
> > would be reasonable to add to Section 5.1.2 and to the Security
> > Considerations some statement about securing the recommended
> > tunneling approaches.  Here's some suggested words for the
> > Security Considerations:
> > 
> >    - the requirement that tunneling protocols used for IPv6 access
> >      over IPv4 be designed for secure use; the related requirement
> >      that servers in in the infrastructure supporting this
> >      tunneling be designed not to be vulnerable to abuse.
> > 
> > (Or something like that). 
> > 
> > Nit:
> > 
> >    In practice, updating the DNS can be slow, which implies that
> >    server applications will have a better chance of being deployed
> >    if the IPv6 addresses remain stable for a long period.
> > 
> > Oversimplified operational statement.  Does it belong in this
> > document?
> > 
> > -30-
> > 
> > 
> 
> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> 
> ------- end of forwarded message -------
> 
> 
>

Follow-Ups:
- Re: draft-ietf-v6ops-unman-scenarios-02.txt
  - From: Bill Fenner <fenner@research.att.com>
- Re: draft-ietf-v6ops-unman-scenarios-02.txt
  - From: Harald Tveit Alvestrand <harald@alvestrand.no>

References:
- Re: draft-ietf-v6ops-unman-scenarios-02.txt
  - From: Randy Bush <randy@psg.com>

Prev by Date: IETF web pages VERY SLOOOOWWWW ??
Next by Date: Change to plenary agenda - IESG
Previous by thread: Re: draft-ietf-v6ops-unman-scenarios-02.txt
Next by thread: Re: draft-ietf-v6ops-unman-scenarios-02.txt
Index(es):
- Date
- Thread