[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-v6ops-unman-scenarios-02.txt
i can not find out from the minutes (maybe i can't read them well), it is
not in my notes, ...
i really need to know who has the comment or their comment will be lost!
randy
> i have lost who had the second comment! help!
>
> randy
>
> ---
>
> From: Pekka Savola <pekkas@netcore.fi>
> To: Randy Bush <randy@psg.com>
> cc: mrw@windriver.com, <bob@thefinks.com>
> Subject: Re: draft-ietf-v6ops-unman-scenarios-02.txt
> Date: Wed, 9 Jul 2003 12:47:11 +0300 (EEST)
>
> Hi,
>
> Has there been progress with the write-up of the second comment?
>
> Thanks
>
> On Thu, 26 Jun 2003, Randy Bush wrote:
> > in today's iesg call, draft-ietf-v6ops-unman-scenarios-02.txt was
> > reviewed. there were two comments, one of which is written up now
> > and is appended. the other will be coming shortly.
> >
> > i believe that these comments will need a new rev of the docuemnt.
> >
> > randy
> >
> > ---
> >
> > The Security Considerations of this document largely say that
> > security will be covered in a companion document, but there is a
> > short list of topics covered in this document. This list should
> > add one that is very important to the unmanaged scenarios (related
> > to the recommendation in Section 5.1.2):
> >
> >
> > Security considerations are discussed as part of the
> > applications' requirements. They include:
> >
> > - the guarantee that local applications are only used locally,
> > - the protection of the privacy of clients
> > - the requirement that peer-to-peer connections are only used
> > by authorized peers.
> >
> > Applications in the unmanaged scenarios also need to be protected
> > from risks associated with the transition tools, for example,
> > access to their net through an opportunistic tunnel if the
> > IPv6-over-UDP service is not well-designed. So I think that it
> > would be reasonable to add to Section 5.1.2 and to the Security
> > Considerations some statement about securing the recommended
> > tunneling approaches. Here's some suggested words for the
> > Security Considerations:
> >
> > - the requirement that tunneling protocols used for IPv6 access
> > over IPv4 be designed for secure use; the related requirement
> > that servers in in the infrastructure supporting this
> > tunneling be designed not to be vulnerable to abuse.
> >
> > (Or something like that).
> >
> > Nit:
> >
> > In practice, updating the DNS can be slow, which implies that
> > server applications will have a better chance of being deployed
> > if the IPv6 addresses remain stable for a long period.
> >
> > Oversimplified operational statement. Does it belong in this
> > document?
> >
> > -30-
> >
> >
>
> --
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>
> ------- end of forwarded message -------
>
>
>