[secdir] secdir review of draft-ietf-v6ops-v6inixp-08

Dave Cridland <dave.cridland@isode.com> Tue, 13 July 2010 14:43 UTC

Return-Path: <dave.cridland@isode.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CEBF03A6899; Tue, 13 Jul 2010 07:43:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EQK2MX4qa97i; Tue, 13 Jul 2010 07:43:00 -0700 (PDT)
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by core3.amsl.com (Postfix) with ESMTP id 7C4603A6803; Tue, 13 Jul 2010 07:42:59 -0700 (PDT)
Received: from puncture ((unknown) [217.155.137.60]) by rufus.isode.com (submission channel) via TCP with ESMTPSA id <TDx7awADG2Ri@rufus.isode.com>; Tue, 13 Jul 2010 15:42:51 +0100
X-SMTP-Protocol-Errors: NORDNS
Message-Id: <2255.1279032169.744311@puncture>
Date: Tue, 13 Jul 2010 15:42:49 +0100
From: Dave Cridland <dave.cridland@isode.com>
To: draft-ietf-v6ops-v6inixp.all@tools.ietf.org, Security Area Directorate <secdir@ietf.org>, The IESG <iesg@ietf.org>
MIME-Version: 1.0
Content-Type: text/plain; delsp="yes"; charset="us-ascii"; format="flowed"
Subject: [secdir] secdir review of draft-ietf-v6ops-v6inixp-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2010 14:43:00 -0000

Hi,

I have reviewed this document as part of the security directorate's  
ongoing effort to review all IETF documents being processed by the  
IESG.  These comments were written primarily for the benefit of the  
security area directors.  Document editors and WG chairs should treat  
these comments just like any other last call comments.

This document describes operational considerations for the adoption  
of IPv6 in peering points.

The document includes very little on security, suggesting that it may  
be useful not to annouce routes for the IXP itself, and reminding the  
reader than shenanigans on the LAN itself will cause problems.

I think this is as much as can be said by the document, and my only  
concern is that it's not clear to me if any of the many references  
might prove particularly important WRT security - that said, my  
feeling is that this document is adequately addressing security.

Dave.