Re: [OPSEC] Last Call: <draft-ietf-opsec-ipv6-implications-on-ipv4-nets-03.txt> (Security Implications of IPv6 on IPv4 Networks) to Informational RFC

Fernando Gont <fgont@si6networks.com> Wed, 10 April 2013 05:21 UTC

To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: opsec@ietf.org, ietf@ietf.org

Hi, Brian,

My apologies for the delay in my response. Please find my comments
in-line...


On 04/02/2013 06:45 AM, Brian E Carpenter wrote:
> Fernando,
> 
> Rather than repeating myself, I'll suggest a change to the Introduction
> that would (IMHO) improve the message:
> 
> OLD:
> 
> 1.  Introduction
> 
>    Most general-purpose operating systems implement and enable native
>    IPv6 [RFC2460] support and a number of transition/co-existence
>    technologies by default.  For cases in which the corresponding
>    devices are deployed on networks that are assumed to be IPv4-only,
> 
> NEW:
> 
> 1.  Introduction
> 
>    Most general-purpose operating systems implement and enable native
>    IPv6 [RFC2460] support and a number of transition/co-existence
>    technologies by default [RFC6434]. Support of IPv6 by all nodes is
>    intended to become best current practice [RFC6540]. As a result,
>    networks will need to plan for and deploy IPv6 and its security
>    mechanisms. Some enterprise networks might, however, choose to delay
>    active use of IPv6. For networks that are assumed to be IPv4-only,

I've checked with a few folks, and it seems that the suggested text
would make everyone happy, except for the sentence that says "As a
result, networks will need to plan for and deploy IPv6 and its security
mechanisms.", on the basis that this is not the document to make a case
for v6 deployment. The suggestion has been to remove that sentence, and
apply the rest of your proposed text (or, alternatively, to tone down
that sentence).

For simplicity's sake (and because I'm not sure how one would tone that
one down), my suggestion would be to apply your proposed text, modulo
that sentence.

Would that be okay with you? -- If not, please do let me know, so that
we can try to find a way forward that keeps everyone happy.

Thanks so much!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492