Re: [OPSEC] Last Call: <draft-ietf-opsec-ipv6-implications-on-ipv4-nets-03.txt> (Security Implications of IPv6 on IPv4 Networks) to Informational RFC

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 10 April 2013 16:06 UTC


Hi Fernando,

On 10/04/2013 06:17, Fernando Gont wrote:
> Hi, Brian,
> 
> My apologies for the delay in my response. Please find my comments
> in-line...
> 
> 
> On 04/02/2013 06:45 AM, Brian E Carpenter wrote:
>> Fernando,
>>
>> Rather than repeating myself, I'll suggest a change to the Introduction
>> that would (IMHO) improve the message:
>>
>> OLD:
>>
>> 1.  Introduction
>>
>>    Most general-purpose operating systems implement and enable native
>>    IPv6 [RFC2460] support and a number of transition/co-existence
>>    technologies by default.  For cases in which the corresponding
>>    devices are deployed on networks that are assumed to be IPv4-only,
>>
>> NEW:
>>
>> 1.  Introduction
>>
>>    Most general-purpose operating systems implement and enable native
>>    IPv6 [RFC2460] support and a number of transition/co-existence
>>    technologies by default [RFC6434]. Support of IPv6 by all nodes is
>>    intended to become best current practice [RFC6540]. As a result,
>>    networks will need to plan for and deploy IPv6 and its security
>>    mechanisms. Some enterprise networks might, however, choose to delay
>>    active use of IPv6. For networks that are assumed to be IPv4-only,
> 
> I've checked with a few folks, and it seems that the suggested text
> would make everyone happy, except for the sentence that says "As a
> result, networks will need to plan for and deploy IPv6 and its security
> mechanisms.", on the basis that this is not the document to make a case
> for v6 deployment. The suggestion has been to remove that sentence, and
> apply the rest of your proposed text (or, alternatively, to tone down
> that sentence).
> 
> For simplicity's sake (and because I'm not sure how one would tone that
> one down), my suggestion would be to apply your proposed text, modulo
> that sentence.
> 
> Would that be okay with you? -- If not, please do let me know, so that
> we can try to find a way forward that keeps everyone happy.

Well, it's not for me to call the consensus, but with that sentence
removed I would personally enter the "no objection" state.

Thanks

    Brian