[secdir] review of draft-ietf-behave-v6v4-framework-09
Stephen Kent <kent@bbn.com> Sun, 13 June 2010 13:32 UTC
Date: Sun, 13 Jun 2010 09:27:45 -0400
To: secdir@ietf.org
From: Stephen Kent <kent@bbn.com>
Cc: congxiao@cernet.edu.cn, xing@cernet.edu.cn, fred@cisco.com, kyin@cisco.com
Subject: [secdir] review of draft-ietf-behave-v6v4-framework-09

I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

As its name implies, draft-ietf-behave-v6v4-framework-09 provides a context for the discussion of translation between IPv4 and IPv6 networks, during the transition from IPv4 to IPv6. Although I did not read the document very carefully, it appears to be very well written. It begins with an introduction that provides context setting and history, followed by a discussion on the need for translation between IPv4 and IPv6 networks, and a good terminology section. I wish all RFCs were as well structured as this one.

The security considerations section is just one sentence, perhaps a new record for brevity in the post "no security considerations" era :). This is a framework document and as such the authors refer the reader to the individual IPv4/IPv6 translation documents, which they cite. I am a little disappointed that there is not even a high level discussion of security considerations here, one that might capture security-relevant issues that are common to all of the translation methods that are described in detail in the cited documents. Nonetheless, given the overall high quality of the writing in this document, the brevity seems acceptable. (I do have a minor quibble with the wording in the security considerations section; the cites are preceded by "i.e.," which literally implies that there will be no other such documents. If, as I suspect, the list is not meant to be exhaustive, in perpetuity, "e.g.," would be the appropriate Latin abbreviation.)