Re: [v6ops] [saag] ITU-T SG17 IPv6 security work items liaison
Suresh Krishnan <suresh.krishnan@ericsson.com> Tue, 14 June 2011 15:34 UTC
Return-Path: <suresh.krishnan@ericsson.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD2F311E813E; Tue, 14 Jun 2011 08:34:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.21
X-Spam-Level:
X-Spam-Status: No, score=-106.21 tagged_above=-999 required=5 tests=[AWL=-0.211, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id egDgaaoeXu04; Tue, 14 Jun 2011 08:34:23 -0700 (PDT)
Received: from imr3.ericy.com (imr3.ericy.com [198.24.6.13]) by ietfa.amsl.com (Postfix) with ESMTP id 82CAB11E80B0; Tue, 14 Jun 2011 08:34:21 -0700 (PDT)
Received: from eusaamw0711.eamcs.ericsson.se ([147.117.20.178]) by imr3.ericy.com (8.13.8/8.13.8) with ESMTP id p5EFYDKn017018 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 14 Jun 2011 10:34:14 -0500
Received: from [142.133.10.107] (147.117.20.214) by eusaamw0711.eamcs.ericsson.se (147.117.20.179) with Microsoft SMTP Server id 8.3.137.0; Tue, 14 Jun 2011 11:34:13 -0400
Message-ID: <4DF77E98.8030300@ericsson.com>
Date: Tue, 14 Jun 2011 11:30:32 -0400
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
User-Agent: Thunderbird 2.0.0.24 (X11/20101027)
MIME-Version: 1.0
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <4DEA6323.4070302@cs.tcd.ie> <4DF69899.2050606@cs.tcd.ie>
In-Reply-To: <4DF69899.2050606@cs.tcd.ie>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: "v6ops@ietf.org" <v6ops@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Subject: Re: [v6ops] [saag] ITU-T SG17 IPv6 security work items liaison
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2011 15:34:25 -0000
Hi Stephen, Please consider adding the following RFCs to the list. RFC3756 IPv6 Neighbor Discovery (ND) Trust Models and Threats RFC4890 Recommendations for Filtering ICMPv6 Messages in Firewalls RFC4942 IPv6 Transition/Co-existence Security Considerations RFC5157 IPv6 Implications for Network Scanning Thanks Suresh On 11-06-13 07:09 PM, Stephen Farrell wrote: > All, > > Thanks for the feedback on this liaison. Eliot (mostly) > and I (a bit) have tried to capture all that in the > text below. Please send any comments on that (with > specific alternative text) in the next week and then > we'll shoot it on to them. > > RFC 3514 does have some words about IPv6 - should I > add that as a reference? :-) > > Thanks, > Stephen. > > From: IETF Security Area > To: Study Group 17, Questions 2 and 3 > Title: Work on Security of IPv6 > > FOR ACTION > > The IETF thanks Study Group 17 for its liaison LS-206 "Liaison on IPv6 > security issues". As the world transitions to IPv6, new opportunities > and challenges and challenges arise. SG17's new focus on deployment and > implementation considerations reflects this reality. We would like to > bring to your attention the following work which we believe may prove a > useful basis for both X.ipv6-secguide and X.mgv6: > > * RFC 4294 – "IPv6 Node Requirements" (N.B., this work is currently > under revision) > * draft-ietf-6man-node-req-bis (work in progress) – "IPv6 Node > Requirements RFC 4294-bis" > * RFC 4864 – "Local Network Protection for IPv6" > * RFC 6092 – "Recommended Simple Security Capabilities in Customer > Premise Equipment (CPE) for Providing Residential IPv6 Internet > Service" > * RFC 6105 – "IPv6 Router Advertisement Guard" > * RFC 6106 – "IPv6 Router Advertisement Options for DNS > Configuration", §7 in particular. > > As you are aware, every RFC contains a Security Considerations section. > In developing either a implementation or deployment guide, contributors > are strongly encouraged to review the RFCs and Internet-Drafts that > support any underlying function. > > In addition, we bring to your attention the following IETF Working > Groups that are working on security-related work of IPv6: > > Working Group Purpose Mailing list address > Name > > 6man IPv6 Maintenance ipv6@ietf.org > savi Source Address Validation savi@ietf.org > Improvements > dhc Dynamic Host Configuration dhcwg@ietf.org > v6ops IPv6 Operations v6ops@ietf.org > opsec Operational Security opsec@ietf.org > Capabilities for an IP > Network > > In addition to the above working groups, the Security Area of the IETF > maintains a mailing list for general discussion, saag@ietf.org. We > encourage and invite open and informal discussion in these or other > relevant IETF fora on this very important topic. As with all IETF > working groups, any and all interested parties can choose to directly > contribute via the mailing lists above. > > As in other areas, the Security Area of the IETF invites SG17 to bring > any new-found concerns about IETF protocols to our attention so that as > and when we revise our documents we can make appropriate amendments to > IETF protocols. In particular, as this planned work matures, we would > welcome hearing about it in more detail, perhaps via an invited > presentation at a saag meeting or via review of draft documents as may > be appropriate. > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- [v6ops] ITU-T SG17 IPv6 security work items liais… Stephen Farrell
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… John Leslie
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fred Baker
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Tina Tsou
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fred Baker
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Arturo Servin
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Eliot Lear
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Stephen Farrell
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Williams, Marcus (Contractor)
- Re: [v6ops] ITU-T SG17 IPv6 security work items l… Fernando Gont
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Russ Housley
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Bob Hinden
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Nick Hilliard
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Suresh Krishnan
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Fred Baker
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Stephen Farrell
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Tim Chown
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Eliot Lear
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … t.petch
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Eliot Lear
- Re: [v6ops] [saag] ITU-T SG17 IPv6 security work … Joe Touch