[v6ops] Comments on draft-ietf-v6ops-icp-guidance-04
SM <sm@resistor.net> Thu, 22 November 2012 10:56 UTC
Return-Path: <sm@resistor.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF18F21F87F2 for <v6ops@ietfa.amsl.com>; Thu, 22 Nov 2012 02:56:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.502
X-Spam-Level:
X-Spam-Status: No, score=-102.502 tagged_above=-999 required=5 tests=[AWL=0.097, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kTDbSDQASRCZ for <v6ops@ietfa.amsl.com>; Thu, 22 Nov 2012 02:56:40 -0800 (PST)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 46ECA21F87F1 for <v6ops@ietf.org>; Thu, 22 Nov 2012 02:56:40 -0800 (PST)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id qAMAt5Ls029709; Thu, 22 Nov 2012 02:55:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1353581711; bh=Jnb0iLNMjQzLIaZQtabp1IEx2+D9+VpSXDTUg8hZ30E=; h=Date:To:From:Subject:Cc; b=Jirinz+LMiyu4knKZqz1A1h34wcwgDpY6r5m57zOLBPUZDdgW9huiAW/RhYKPacAU sBRdGj81uLgxY6KC/OH1+ToOUUpt9Y6XPfX390TzE6TCLUj7rn++j4QePI0jHu765S fQSF9q5YFxg+XnAMNu5qOrcd+jZVP+lCOujoogGg=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1353581711; i=@resistor.net; bh=Jnb0iLNMjQzLIaZQtabp1IEx2+D9+VpSXDTUg8hZ30E=; h=Date:To:From:Subject:Cc; b=DmwWickenGFmmx5Dcrtay9m6S93/LLt/rFVBODa0eTaehZK+sBeJ0xCmmWajIP5O+ /KdFpjEIjgiuebHNWpv9GCovG15Cl1u67QBNulYOs+QpqJL020hNkcgpLPRthxwV3O p/85HPPXea5S8iPkNoSI5HhUJgcq0/PbRebE7AOA=
Message-Id: <6.2.5.6.2.20121122003329.0b7cb9a8@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Thu, 22 Nov 2012 02:44:57 -0800
To: Brian Carpenter <brian.e.carpenter@gmail.com>, Sheng Jiang <jiangsheng@huawei.com>
From: SM <sm@resistor.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: v6ops@ietf.org
Subject: [v6ops] Comments on draft-ietf-v6ops-icp-guidance-04
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Nov 2012 10:56:41 -0000
Hi Brian, Sheng,
I read draft-ietf-v6ops-icp-guidance-04. Here's a few
comments. Please consider them as editorial or nits.
In Section 2:
"In determining the urgency of this strategy, it should be noted that
the central IPv4 registry (IANA) ran out of spare blocks of IPv4
addresses in February 2011 and the various regional registries are
expected to exhaust their reserves over the next one to two years."
APNIC and RIPE are in run-out mode. It's unlikely that two of the
regional registries will run out in a year or two.
I like the "just in time" advice (Section 3). Training is
ineffective if people do not have the means to put what they learned
immediately into practice.
In Section 8.2:
"One important recommendation here is that all applications should use
domain names, which are IP-version-independent, rather than IP
addresses."
This recommendation could be about content instead of
applications. Web pages with content such as
"http\x3a\x2f\x2f131.253.14.66\x2fbvsandbox.aspx" can be avoided. It
looks like you have this covered under "possible complexities".
"A specific issue for HTTP-based services is that IP address-based
cookie authentication schemes will need to deal with dual-stack
clients."
I don't see the following being covered in the recommendations.
Set-Cookie: domain=131.253.14.66; [edited header]
In Section 9:
'At the time of this writing, this solution seems to be passing out
of use, being replaced by "DNS blacklisting" of customer sites known
to have problems with IPv6 connectivity.'
Given the past discussions about "whitelisting" (see RFC 5782) I'll
highlight this and avoid the rehash.
Regards,
-sm
- [v6ops] Comments on draft-ietf-v6ops-icp-guidance… SM
- Re: [v6ops] Comments on draft-ietf-v6ops-icp-guid… Brian E Carpenter
- Re: [v6ops] Comments on draft-ietf-v6ops-icp-guid… joel jaeggli
- Re: [v6ops] Comments on draft-ietf-v6ops-icp-guid… SM
- Re: [v6ops] Comments on draft-ietf-v6ops-icp-guid… SM
- Re: [v6ops] Comments on draft-ietf-v6ops-icp-guid… Sheng Jiang