Re: [v6ops] ITU-T SG17 IPv6 security work items liaison

Hi,
RFC 4775 is the process to follow.

We keep our promises with one another - no matter what!

Best Regards,
Tina TSOU
http://tinatsou.weebly.com/contact.html

-----Original Message-----
From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Fred
Baker
Sent: Saturday, June 04, 2011 11:10 PM
To: Stephen Farrell
Cc: Turner, Sean P.; v6ops@ietf.org; ipv6@ietf.org; saag@ietf.org; Eliot
Lear
Subject: Re: [v6ops] ITU-T SG17 IPv6 security work items liaison

On Jun 4, 2011, at 9:53 AM, Stephen Farrell wrote:

> I think we'd like to respond to them that that's great,
> and we'll be interested in their results, but can they
> *please* come back to us before saying something should
> be changed so's we can talk about it.

That seems like a reasonable proposal. 

There a, of course, several proposed sets of security guidelines for IPv6
floating in the breeze. If you want my druthers, I would like to see a
comprehensive security *architecture*. Steve Kent wrote to me last month, on
another topic, saying

> I do have a few comments about the discuss of secruity, in general. I see
that you used the CIA model for describing security requirements/services.
Although this is a commonly used model, I find it inferior to the model that
was developed by ISO in the mid 80's (ISO 7498-2).

It might be worthwhile to look at the ISO model he suggests as a possible
starting point. 

To my mind, anything resembling a security architecture will identify
threats at the physical, link, network (LAN and IP), transport, and
applications layers, and make recommendations for addressing them - and not
start from the premise of a global federated identity, which doesn't exist.
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------