Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vpn-leakages
"cb.list6" <cb.list6@gmail.com> Sun, 07 July 2013 20:36 UTC
Return-Path: <cb.list6@gmail.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 671ED21F9301 for <opsec@ietfa.amsl.com>; Sun, 7 Jul 2013 13:36:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.375
X-Spam-Level:
X-Spam-Status: No, score=-2.375 tagged_above=-999 required=5 tests=[AWL=0.225, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f6cynvHF2r4k for <opsec@ietfa.amsl.com>; Sun, 7 Jul 2013 13:36:01 -0700 (PDT)
Received: from mail-we0-x229.google.com (mail-we0-x229.google.com [IPv6:2a00:1450:400c:c03::229]) by ietfa.amsl.com (Postfix) with ESMTP id ACF5821F926E for <OpSec@ietf.org>; Sun, 7 Jul 2013 13:36:00 -0700 (PDT)
Received: by mail-we0-f169.google.com with SMTP id n57so3178228wev.0 for <OpSec@ietf.org>; Sun, 07 Jul 2013 13:35:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=U5C+RCVtdQ4IZk5g2gVxJ2BMGeE1QjEsJ5Ev7xpPssM=; b=TTpD7D1YOGW1lTOSpBs0xXSQKOEacSr9usuPgZ2jY2Ua3hoMe7u4ke5F7Y/KdcOr4n Ssz+xK4ch5+lGcAOdoljSIrI0sPE7ibzUyEtADpRfNf9jiHLgQKb9/cWSaE80KGg+Q3P WBua9Gv0C77b7cupBbnWmTWTf559xhHw7z3gQIfvabwU+K429xksya9BRRQ6S7ClSAdO tsVIPACRsFevVMInQ4/DfxD3xaVaCDgLcOX6CEU3VkDIL/XZLQt0KBzssipnZbst38kv oNXyzVwUrfRTMue6UUSP5WYzDedavFwxMxZXlmiB3VGICZegEAvpV4YlztGrmwJDmxl3 joAA==
MIME-Version: 1.0
X-Received: by 10.180.83.68 with SMTP id o4mr28046482wiy.5.1373229359774; Sun, 07 Jul 2013 13:35:59 -0700 (PDT)
Received: by 10.194.139.208 with HTTP; Sun, 7 Jul 2013 13:35:59 -0700 (PDT)
In-Reply-To: <BD8A5CB6-A6CB-41E0-A907-49E11F40FEC5@kumari.net>
References: <BD8A5CB6-A6CB-41E0-A907-49E11F40FEC5@kumari.net>
Date: Sun, 07 Jul 2013 13:35:59 -0700
Message-ID: <CAD6AjGRVd7eOH7DoF3vCrz8swytTndBfRZHPfqaTsh5+3dmaeQ@mail.gmail.com>
From: "cb.list6" <cb.list6@gmail.com>
To: Warren Kumari <warren@kumari.net>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "opsec@ietf.org" <OpSec@ietf.org>, draft-ietf-opsec-vpn-leakages@tools.ietf.org
Subject: Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vpn-leakages
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Jul 2013 20:36:01 -0000
I support publication of this draft. I recently ran into this leaking issue on Android with OpenVPN. An open OpenVPN server used for security and anonymity only inserted routes for IPv4 on the client, with the result being all IPv6 does not go through the VPN. Many naive users will assume all traffic goes via the VPN, but in fact only a subset of IPv4-only traffic will go via the VPN while all ipv6 traffic travels outside the VPN CB On Wed, Jul 3, 2013 at 1:58 PM, Warren Kumari <warren@kumari.net> wrote: > Dear OpSec WG, > > This starts a Working Group Last Call for draft-ietf-opsec-vpn-leakages. > > The draft is available here: https://datatracker.ietf.org/doc/draft-ietf-opsec-vpn-leakages/ > > The authors of draft-ietf-opsec-vpn-leakages have indicated that they have incorporated feedback and believe that the document is ready for WGLC. > It is the authors responsibility to drum up additional feedback and review. > > Please review this draft to see if you think it is ready for publication > and comments to the list, clearly stating your view. > > This WGLC ends Wed 17-Jul-2013. > > > > Helpful Notes: > draft-ietf-opsec-vpn-leakages was originally draft-gont-opsec-vpn-leakages. > > There was some discussion in the thread: IPv6 implications on IPv4 nets: IPv6 RAs, IPv4's VPN "leakage" > and "New IETF I-D about VPN traffic leakages (Fwd: New Version Notification for draft-gont-opsec-vpn-leakages-00.txt)" > > > Thanks, > Warren Kumari > (as OpSec WG co-chair) > > > -- > Outside of a dog, a book is your best friend, and inside of a dog, it's too dark to read > > > _______________________________________________ > OPSEC mailing list > OPSEC@ietf.org > https://www.ietf.org/mailman/listinfo/opsec
- [OPSEC] Start of WGLC for draft-ietf-opsec-vpn-le… Warren Kumari
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… cb.list6
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Warren Kumari
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Merike Kaeo
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Gert Doering
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Panos Kampanakis (pkampana)
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Paul Hoffman
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Warren Kumari
- Re: [OPSEC] Start of WGLC for draft-ietf-opsec-vp… Smith, Donald