ietf
[Top] [All Lists]

Re: [OPSEC] Last Call: <draft-ietf-opsec-ipv6-implications-on-ipv4-nets-03.txt> (Security Implications of IPv6 on IPv4 Networks) to Informational RFC

2013-04-10 11:11:07
Hi Fernando,

On 10/04/2013 06:17, Fernando Gont wrote:
Hi, Brian,

My apologies for the delay in my response. Please find my comments
in-line...


On 04/02/2013 06:45 AM, Brian E Carpenter wrote:
Fernando,

Rather than repeating myself, I'll suggest a change to the Introduction
that would (IMHO) improve the message:

OLD:

1.  Introduction

   Most general-purpose operating systems implement and enable native
   IPv6 [RFC2460] support and a number of transition/co-existence
   technologies by default.  For cases in which the corresponding
   devices are deployed on networks that are assumed to be IPv4-only,

NEW:

1.  Introduction

   Most general-purpose operating systems implement and enable native
   IPv6 [RFC2460] support and a number of transition/co-existence
   technologies by default [RFC6434]. Support of IPv6 by all nodes is
   intended to become best current practice [RFC6540]. As a result,
   networks will need to plan for and deploy IPv6 and its security
   mechanisms. Some enterprise networks might, however, choose to delay
   active use of IPv6. For networks that are assumed to be IPv4-only,

I've checked with a few folks, and it seems that the suggested text
would make everyone happy, except for the sentence that says "As a
result, networks will need to plan for and deploy IPv6 and its security
mechanisms.", on the basis that this is not the document to make a case
for v6 deployment. The suggestions has been to remove that sentence, and
apply the rest of your proposed text (or, alternatively, to tone down
that sentence).

For simplicity sake (and because I'm not sure how one would tone that
one down), my suggestion would be to apply you proposed text, modulo
that sentence.

Would that be okay with you? -- If not, please do let me know, so that
we can try to find a way forward that keeps everyone happy.

Well, it's not for me to call the consenus, but with that sentence
removed I would personally enter the "no objection" state.

Thanks

    Brian