Re: [v6ops] ITU-T SG17 IPv6 security work items liaison
Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 06 June 2011 11:41 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56DA211E80F8; Mon, 6 Jun 2011 04:41:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KcGkv6PgkxUu; Mon, 6 Jun 2011 04:41:40 -0700 (PDT)
Received: from scss.tcd.ie (hermes.cs.tcd.ie [134.226.32.56]) by ietfa.amsl.com (Postfix) with ESMTP id 2D04211E80D6; Mon, 6 Jun 2011 04:41:40 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 5A76C171C18; Mon, 6 Jun 2011 12:41:39 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1307360497; bh=HGQZCafMYnnf4+ cQeY11uzwY5tWANiICFL/8uDkNxpc=; b=uuju7tFoXlq6V7j4TQGbUxhLmSXQ/P EzPwhIvHKGeDqINtSypNv6oimK3d1264ZRpmnMZgK6mu/toqCVoYeo5o4jBlxIeG DZ4Mmul6h47NwGgIwUUQw2PKwvJO91Qt1H+K0hpviG1crqV5iWiP1qNFALBqagHQ s8EZmA5IVcYa6pTsmj6VO9h4LoGxTLG0m7avfJ3+inkTDfUoGWZa1iWijSLBqwse WjLWBORn/Q59GfcpiXn6TtsKkX1CmzGfnN2JmS5gZxKVa1X4FxUvbjcO3H63Jcaw LbosmpcuFhP2F+AMMwgM2UhGpFoU6zxkl1ToBOjXBNgrrldZfhl5O+QA==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id o8oaWcScZvBj; Mon, 6 Jun 2011 12:41:37 +0100 (IST)
Received: from [10.87.48.9] (unknown [86.42.182.86]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 2C0D8171C17; Mon, 6 Jun 2011 12:41:35 +0100 (IST)
Message-ID: <4DECBCEE.6070108@cs.tcd.ie>
Date: Mon, 06 Jun 2011 12:41:34 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: Arturo Servin <arturo.servin@gmail.com>
References: <4DEA6323.4070302@cs.tcd.ie> <20110605031045.GK88250@verdi> <B0462FE5-02E9-4CDD-B16B-F63198AEE3C5@gmail.com>
In-Reply-To: <B0462FE5-02E9-4CDD-B16B-F63198AEE3C5@gmail.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: IPv6 Operations <v6ops@ietf.org>, ipv6@ietf.org, Eliot Lear <lear@cisco.com>, saag@ietf.org, "Turner, Sean P." <turners@ieca.com>, John Leslie <john@jlc.net>
Subject: Re: [v6ops] ITU-T SG17 IPv6 security work items liaison
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2011 11:41:41 -0000
On 05/06/11 21:30, Arturo Servin wrote: > > I do not see why the ITU has to start from zero. What Eliot said. > There are several (or some at least) very good RFC and I+D documents related to IPv6 security. Sure. Feel free to send RFC numbers and we'll include some in the draft response that we'll circulate in a while. (So no need to spam everyone with those, just sending your suggestions to Eliot, Sean and I will be enough.) Thanks, S. > I think we should recommend them to ITU, it is good that they let us know, it would be better if they use our work as a foundation. > > just my 20 cents > -as > > > On 5 Jun 2011, at 00:10, John Leslie wrote: > >> Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: >>> >>> We received a liaison [1] from ITU-T saying they're >>> planning to start a couple of work items on the >>> security of IPv6. As far as we know, they envisage >>> developing a "technical guideline on deploying IPv6" >>> and "Security Management Guideline for implementation >>> of IPv6 environment in telecommunications >>> organizations." Bear in mind that they're just starting >>> so they know about as much as we would just before a >>> BoF or something like that. >>> >>> I think we'd like to respond to them that that's great, >>> and we'll be interested in their results, but can they >>> *please* come back to us before saying something should >>> be changed so's we can talk about it. >> >> I don't think that's quite right. We should welcome their studying >> security issues; but I think we need to _strongly_ encourage them to >> start from draft-ietf-6man-node-req-bis when it becomes an RFC -- since >> it has _significant_ changes from RFC 4294 (and an ITU-T study based >> on RFC4294 will be of rather limited value). >> >> Furthermore, ITU-T should NOT propose "changes" to IPv6 protocol >> or the Node Requirements. The language there should talk of documenting >> security "concerns" or "issues" or whatever term seems neutral enough; >> and list as the next step exchanging ideas of what "changes" might help. >> >> Clearly, ITU-T is entirely justified in publishing recommendations >> of what level of security-related-trust to place in IPv6 packet >> forwarding: but any protocol _changes_ are outside their bailiwick. >> >> (As an aside, IETF should resist most proposals for change until >> IPv6 sees widespread deployment -- deploying to a moving target is >> just TOO risky.) >> >> -- >> John Leslie <john@jlc.net> >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- >
- [v6ops] ITU-T SG17 IPv6 security work items liais… Stephen Farrell
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… John Leslie
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fred Baker
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Tina Tsou
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fred Baker
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Arturo Servin
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Eliot Lear
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Stephen Farrell
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Williams, Marcus (Contractor)
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fernando Gont
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Russ Housley
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Bob Hinden
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Nick Hilliard
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Suresh Krishnan
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Fred Baker
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Tim Chown
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Eliot Lear
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … t.petch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Eliot Lear
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch