Re: [v6ops] draft-ietf-v6ops-balanced-ipv6-security WGLC

Lorenzo Colitti <lorenzo@google.com> Wed, 20 November 2013 08:11 UTC

On Wed, Nov 20, 2013 at 5:01 PM, Marc Lampo <marc.lampo.ietf@gmail.com> wrote:

> This document states, for several recommendations in RFC 6092, exactly the
> opposite of that document.
>

Which ones? Obviously you're not suggesting that RFC 6092 recommends that
unsolicited inbound packets be dropped by default, right? Because it
doesn't say that.


> In addition, as I touched on in my very first reaction, this draft lists a
> number of threats - section 2.
> But, in my opinion, none of those threats are addressed by the rules for
> balanced security - section 3.1.
> (my first comment only referred to the last threat on covert channels,
> but I must rephrase)
>

Do you have text to suggest?


> In reply to the question: yes, personally I would be happier if the ISP
> dropped all unsolicited packets towards my network (except IPsec).
>

And there are people in this working group that will never agree with you.
For example, I will never agree with you.

But fortunately, that has no relevance to this document. Since this
document does not recommend a security policy, saying "I don't like the
security policy" (which is your opinion, and one you're perfectly entitled
to) is not a valid reason not to publish this document.