Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03

EricLKlein@softhome.net Mon, 25 August 2008 17:17 UTC

From: EricLKlein@softhome.net
To: IPv6 Operations <v6ops@ops.ietf.org>
Subject: Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
Date: Mon, 25 Aug 2008 11:14:27 -0600

Fred Baker writes: 

> Forwarding comments... 
> 
> Begin forwarded message: 
> 
>> From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
>> Date: August 24, 2008 4:15:53 AM PDT
>> To: jhw@apple.com, v6ops-residential-cpe-design-team@external.cisco.com
>> Subject: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03 
>> 
>> Hi, 
>> 
>> I've finally found a bit of time to start having a read through the 03
>> version of this draft. I haven't read through all of it yet, however
>> here are some starting suggestions: 
>> 
>> 2.  Overview 
>> 
>> Change "requires" to "provides", just to continue to emphasise a bit
>> that the statefulness of NAT wasn't specifically designed into it: 
>> 
>> "Only the perceived security benefits associated with stateful packet
>> filtering, which NAT (requires|*provides*) as a side effect, are
>> thought relevant in the IPv6 residential usage scenario."

The problem with the text is that NAT <> security; this is why it is not in v6.