Re: [v6ops] Asking for a review of draft-ietf-opsec-v6-08

Erik Kline <ek@google.com> Wed, 15 June 2016 19:45 UTC

In-Reply-To: <D386FF93.75916%evyncke@cisco.com>
References: <D386FF93.75916%evyncke@cisco.com>
From: Erik Kline <ek@google.com>
Date: Wed, 15 Jun 2016 12:45:31 -0700
Message-ID: <CAAedzxqBr=ApvGTUrjNUnRmpcamkt4OH1CchcDEWgDcXRgo8Fw@mail.gmail.com>
To: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/UBoQ9KwbiZKc7xZEiyjSr_hMVHI>
Cc: "fgont@si6networks.com" <fgont@si6networks.com>, "opsec@ietf.org" <opsec@ietf.org>, "draft-ietf-opsec-v6@ietf.org" <draft-ietf-opsec-v6@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>, "linkedin@xn--debrn-nva.de" <linkedin@xn--debrn-nva.de>

Section 2.1.2 is far too permissive for my tastes.  We need to be able
to say that ULA+IPv6 NAT is NOT RECOMMENDED by the IETF.

Section 2.6.1.5 could punch up the SAVI stuff a bit more as well.  We
should, in my opinion, make it painfully clear that DHCP (of any
protocol) in the absence of link-layer security/auditability features
does not provide any satisfactory way "to ensure auditability and
traceability" [Section 2.1.6].
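As an added illustration of the auditability point above (not code from the message, the draft, or any vendor implementation), the following toy model contrasts attribution from a DHCPv6 lease log alone with SAVI-DHCP-style filtering (RFC 7513), where the switch snoops the DHCPv6 REPLY on its way to the client and installs a (port, MAC, address) binding. The prefix is the 2001:db8::/32 documentation range and the ports, MACs and DUIDs are made up; the switch model is deliberately simplified (no lease lifetimes, no relay handling, link-local traffic passed through) and is an assumption of this example, not a description of any product.

```python
from dataclasses import dataclass
from ipaddress import IPv6Address, IPv6Network
from typing import Dict, Optional, Set, Tuple

# Constructed values: documentation prefix and made-up ports/MACs/DUIDs.
PREFIX = IPv6Network("2001:db8:1::/64")


@dataclass(frozen=True)
class Packet:
    port: str           # switch port the frame arrived on
    mac: str            # source link-layer address in the frame
    src: IPv6Address    # IPv6 source address in the packet


class LeaseLog:
    """What a DHCPv6 server alone can tell you: address -> client DUID.
    The DUID is asserted by the client and the server never sees the port."""

    def __init__(self) -> None:
        self._leases: Dict[IPv6Address, str] = {}

    def record(self, addr: IPv6Address, duid: str) -> None:
        self._leases[addr] = duid

    def attribute(self, pkt: Packet) -> Optional[str]:
        # Attribution by source address only: whoever leased it gets blamed.
        return self._leases.get(pkt.src)


class SaviSwitch:
    """SAVI-DHCP style filtering (toy model of RFC 7513): bindings of
    (port, MAC, address) are learned by snooping the DHCPv6 REPLY on its
    way to the client, and data packets whose (port, MAC, src) tuple has
    no binding are dropped."""

    def __init__(self, trusted_port: str) -> None:
        self.trusted_port = trusted_port   # uplink towards the DHCPv6 server
        self._bindings: Set[Tuple[str, str, IPv6Address]] = set()

    def snoop_reply(self, in_port: str, out_port: str, client_mac: str,
                    addr: IPv6Address) -> None:
        # Only honour REPLY messages arriving from the trusted (server) side;
        # a rogue DHCPv6 server on an access port cannot create bindings.
        if in_port != self.trusted_port:
            return
        self._bindings.add((out_port, client_mac, addr))

    def forward(self, pkt: Packet) -> bool:
        # Traffic from the uplink is not validated here (outside this model).
        if pkt.port == self.trusted_port:
            return True
        # Addresses outside the managed prefix (e.g. link-local) are left to
        # other SAVI methods (FCFS), so this toy passes them unchanged.
        if pkt.src not in PREFIX:
            return True
        return (pkt.port, pkt.mac, pkt.src) in self._bindings


def run_scenario() -> Dict[str, Tuple[Optional[str], bool]]:
    """Returns, per packet, (who the lease log blames, whether SAVI forwards it)."""
    log = LeaseLog()
    sw = SaviSwitch(trusted_port="uplink")
    a_addr = IPv6Address("2001:db8:1::a")

    # 1. Host A on port1 completes DHCPv6: server logs its DUID, switch snoops REPLY.
    log.record(a_addr, "DUID-A")
    sw.snoop_reply("uplink", "port1", "aa:aa:aa:aa:aa:aa", a_addr)

    legit = Packet("port1", "aa:aa:aa:aa:aa:aa", a_addr)
    # 2. Host B on port2 spoofs A's leased address.
    spoof = Packet("port2", "bb:bb:bb:bb:bb:bb", a_addr)
    # 3. Host B uses a self-chosen in-prefix address that DHCP never issued.
    rogue = Packet("port2", "bb:bb:bb:bb:bb:bb", IPv6Address("2001:db8:1::b"))

    results: Dict[str, Tuple[Optional[str], bool]] = {}
    for name, pkt in (("legit", legit), ("spoof", spoof), ("rogue", rogue)):
        results[name] = (log.attribute(pkt), sw.forward(pkt))
    return results


if __name__ == "__main__":
    for name, (blamed, forwarded) in run_scenario().items():
        print(f"{name:6s} lease-log blames={blamed!s:7s} savi-forwards={forwarded}")
```

The spoofed packet is attributed by the lease log to DUID-A, the wrong host, and the self-configured address has no lease record at all; only the port-anchored binding rejects both, which is the sense in which DHCP without link-layer enforcement gives no traceability guarantee.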