[secdir] Secdir last call review of draft-ietf-6man-pio-pflag-09
Benjamin Schwartz via Datatracker <noreply@ietf.org> Mon, 09 September 2024 18:42 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from [10.244.2.118] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 9D80AC14CE4A for <secdir@ietf.org>; Mon, 9 Sep 2024 11:42:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Schwartz via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.23.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172590732423.2719609.7165092266101292184@dt-datatracker-68b7b78cf9-q8rsp>
Date: Mon, 09 Sep 2024 11:42:04 -0700
Message-ID-Hash: HJWMFLYDOAKYUXEMSPDG6H2NFCERN2WQ
X-Message-ID-Hash: HJWMFLYDOAKYUXEMSPDG6H2NFCERN2WQ
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Reply-To: Benjamin Schwartz <ietf@bemasc.net>
Subject: [secdir] Secdir last call review of draft-ietf-6man-pio-pflag-09
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/UGgXoKDoj5N5O2lYI_wcOuvgpOI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>
Reviewer: Benjamin Schwartz Review result: Ready Security Issues: The security section is, if anything, too detailed, as it describes attacks that are not meaningful to the security of the system. I would shorten this section. The privacy considerations are important and are described appropriately. It might be worth adding a note that privacy-conscious clients should consider not implementing this specification. Other topics: I was not able to see why prefix requests "MUST" be short enough for SLAAC. Why would a host perform SLAAC within its own exclusively allocated prefix? If the host is acting as a router for a network containing SLAAC clients, it can request a larger prefix, but why is this mandatory for all hosts?
- [secdir] Secdir last call review of draft-ietf-6m… Benjamin Schwartz via Datatracker
- [secdir] Re: Secdir last call review of draft-iet… Jen Linkova
- [secdir] Re: Secdir last call review of draft-iet… Ben Schwartz
- [secdir] Re: [IPv6]Re: Secdir last call review of… Eliot Lear