[secdir] review of draft-ietf-behave-v6v4-framework-09

Stephen Kent <kent@bbn.com> Sun, 13 June 2010 13:32 UTC

Return-Path: <kent@bbn.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AE7973A68F2 for <secdir@core3.amsl.com>; Sun, 13 Jun 2010 06:32:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.002
X-Spam-Level:
X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xScqgL2JdsGx for <secdir@core3.amsl.com>; Sun, 13 Jun 2010 06:32:04 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id 95F893A690A for <secdir@ietf.org>; Sun, 13 Jun 2010 06:32:04 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:49493 helo=[192.168.1.5]) by smtp.bbn.com with esmtp (Exim 4.71 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1ONnIF-000Mwz-6t; Sun, 13 Jun 2010 09:32:07 -0400
Mime-Version: 1.0
Message-Id: <p06240800c83a8bfb7cec@[128.89.89.149]>
Date: Sun, 13 Jun 2010 09:27:45 -0400
To: secdir@ietf.org
From: Stephen Kent <kent@bbn.com>
Content-Type: multipart/alternative; boundary="============_-935686566==_ma============"
Cc: congxiao@cernet.edu.cn, xing@cernet.edu.cn, fred@cisco.com, kyin@cisco.com
Subject: [secdir] review of draft-ietf-behave-v6v4-framework-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Jun 2010 13:32:05 -0000

I reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

As its name implies, draft-ietf-behave-v6v4-framework-09 provides a 
context for the discussion of translation between IPv4 and IPv6 
networks, during the transition from IOv4 to Ipv6. Although I did not 
read the document very carefully, it appears to be very well written. 
It begins with an introduction that provides context setting and 
history, followed by a discussion on the need for translation between 
IPv4 and IPv6 networks, and a good terminology section. I wish all 
RFCs were as well structured as this one.

The security considerations section is just one sentence, perhaps a 
new record for brevity in the post "no security considerations" era 
:). This is a framework document and as such the authors refer the 
reader to the individual IPv4/IPv6 translation documents, which they 
cite. I am a little disappointed that there is not even a high level 
discussion of security considerations here, one that might capture 
security-relevant issues that are common to all of the translation 
methods that are described in detail in the cited documents. 
Nonetheless, given the overall high quality of the writing in this 
document, the brevity seems acceptable.

(I do have minor quibble with the wording in the security 
considerations section; the cites are preceded by "i.e.," which 
literally implies that there will be no other such documents. If, as 
I suspect, the list is not meant to be exhaustive, in perpetuity, 
"e.g.," would be the appropriate Latin abbreviation.)