Re: [secdir] [pcp] secdir review of draft-ietf-behave-lsn-requirements

Shin Miyakawa <miyakawa@nttv6.jp> Tue, 10 July 2012 20:36 UTC

>> Then that still permits the case of third_party for administration
>> motivating the text in 13.1.
> 
> Makes sense to me.

+1

> How about adding a sentence like...
> 
> "CGN as described in this document does not provide any security
> benefits over either single-user NAT or no NAT at all."

I agree with Simon (also as one of the authors of this draft).

We think that CGN is not the machine to provide security benefits
and the original intention of this draft is just to make CGN as neutral as possible...

Best wishes,

Shin Miyakawa