[secdir] Secdir review of draft-ietf-v6ops-ivi-icmp-address-05

Tina TSOU <Tina.Tsou.Zouting@huawei.com> Thu, 11 October 2012 23:44 UTC

Return-Path: <Tina.Tsou.Zouting@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 2FA9A21F8568; Thu, 11 Oct 2012 16:44:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.488
X-Spam-Status: No, score=-6.488 tagged_above=-999 required=5 tests=[AWL=0.110, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id oDpAUurDYyZA; Thu, 11 Oct 2012 16:44:00 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com []) by ietfa.amsl.com (Postfix) with ESMTP id 9BE5021F8567; Thu, 11 Oct 2012 16:43:59 -0700 (PDT)
Received: from (EHLO lhreml203-edg.china.huawei.com) ([]) by lhrrg01-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id ALN96214; Thu, 11 Oct 2012 23:43:58 +0000 (GMT)
Received: from LHREML404-HUB.china.huawei.com ( by lhreml203-edg.huawei.com ( with Microsoft SMTP Server (TLS) id 14.1.323.3; Fri, 12 Oct 2012 00:43:24 +0100
Received: from DFWEML406-HUB.china.huawei.com ( by lhreml404-hub.china.huawei.com ( with Microsoft SMTP Server (TLS) id 14.1.323.3; Fri, 12 Oct 2012 07:43:57 +0800
Received: from DFWEML513-MBS.china.huawei.com ([]) by dfweml406-hub.china.huawei.com ([]) with mapi id 14.01.0323.003; Thu, 11 Oct 2012 16:43:54 -0700
From: Tina TSOU <Tina.Tsou.Zouting@huawei.com>
To: "secdir@ietf.org" <secdir@ietf.org>
Thread-Topic: Secdir review of draft-ietf-v6ops-ivi-icmp-address-05
Thread-Index: Ac2oCkP37fErKrBpT1OKciH/B5fcMA==
Date: Thu, 11 Oct 2012 23:43:52 +0000
Message-ID: <C0E0A32284495243BDE0AC8A066631A8159BAA79@dfweml513-mbs.china.huawei.com>
Accept-Language: en-US, zh-CN
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_C0E0A32284495243BDE0AC8A066631A8159BAA79dfweml513mbschi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-v6ops-ivi-icmp-address@tools.ietf.org" <draft-ietf-v6ops-ivi-icmp-address@tools.ietf.org>
Subject: [secdir] Secdir review of draft-ietf-v6ops-ivi-icmp-address-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Oct 2012 23:44:01 -0000

Dear all,
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

It basically discusses the case, when there are no readily available IPv4 public address to embed into the IPv6 address.

It recommends the use of the Interface IP address as a sub object. So the interface IP address of the Translator would be used as a sub object? As there might be a number of hosts connected to the translator ( connected to a translator via a switch), would a single interface ip address suffice in such a case?

Is it possible to include one public IPv4 address and ports (as in case of PAT) to embed the address.

Thank you,