[secdir] SecDir review of draft-ietf-dccp-udpencap-10

Tina TSOU <Tina.Tsou.Zouting@huawei.com> Wed, 23 May 2012 21:26 UTC

Return-Path: <Tina.Tsou.Zouting@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A8DC11E80C6; Wed, 23 May 2012 14:26:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.065
X-Spam-Level:
X-Spam-Status: No, score=-6.065 tagged_above=-999 required=5 tests=[AWL=0.534, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pLsx1nSH9M6a; Wed, 23 May 2012 14:26:33 -0700 (PDT)
Received: from dfwrgout.huawei.com (dfwrgout.huawei.com [206.16.17.72]) by ietfa.amsl.com (Postfix) with ESMTP id 9C07C11E80C5; Wed, 23 May 2012 14:26:33 -0700 (PDT)
Received: from 172.18.9.243 (EHLO dfweml201-edg.china.huawei.com) ([172.18.9.243]) by dfwrg01-dlp.huawei.com (MOS 4.2.3-GA FastPath) with ESMTP id AGL92102; Wed, 23 May 2012 17:26:33 -0400 (EDT)
Received: from DFWEML404-HUB.china.huawei.com (10.193.5.203) by dfweml201-edg.china.huawei.com (172.18.9.107) with Microsoft SMTP Server (TLS) id 14.1.323.3; Wed, 23 May 2012 14:24:44 -0700
Received: from dfweml513-mbx.china.huawei.com ([169.254.3.80]) by dfweml404-hub.china.huawei.com ([10.193.5.203]) with mapi id 14.01.0323.003; Wed, 23 May 2012 14:24:47 -0700
From: Tina TSOU <Tina.Tsou.Zouting@huawei.com>
To: "secdir@ietf.org" <secdir@ietf.org>
Thread-Topic: SecDir review of draft-ietf-dccp-udpencap-10
Thread-Index: Ac05Knod2pQ4T3OTQOuds2kZi2JLeA==
Date: Wed, 23 May 2012 21:24:46 +0000
Message-ID: <C0E0A32284495243BDE0AC8A066631A80D39EEB5@dfweml513-mbx.china.huawei.com>
Accept-Language: en-US, zh-CN
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.212.246.6]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: "draft-ietf-dccp-udpencap@tools.ietf.org" <draft-ietf-dccp-udpencap@tools.ietf.org>, The IESG <iesg@ietf.org>
Subject: [secdir] SecDir review of draft-ietf-dccp-udpencap-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2012 21:26:34 -0000

Hi,
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

I find one case which can be a small disadvantage: both sides have to be updated to use tunneling, even if only one side is blocked by NAT. Can we handle this case?


Tina
Sent from my IPv6 address 2001:0:4137:9e76:20f1:518:f56e:f6a5