Forwarded with Warren's ok.
Begin forwarded message:
From: Warren Kumari <[EMAIL PROTECTED]>
Date: 22 June 2006 11:52:23 EDT (CA)
To: [EMAIL PROTECTED]
Subject: Notes on: raft-jabley-as112-being-attacked-help-help-00.txt
Hi Joe,
For some reason I found the title of draft (esp the -help-help
part) incredibly funny -- I wont be able to think of AS112 without
having a mental picture of a firewall admin running around in
circles shouting "Help! Help! I'm being attacked!". Possibly its
because I have had to deal with (and have become very frustrated
with) security people complaining about exactly this case, you
captured their blind panic perfectly.... Anyway...
This is a really well written draft. When I do submit draft
feedback I usually have multiple pages of notes, this time all I
have is 2 very minor suggestions:
--------
Notes on: draft-jabley-as112-being-attacked-help-help-00
Section 2. Private-Use Addresses
Due to the expected audience it may be helpful to enumerate the
RFC1918 ranges (yes, I know you cite the RFC, but...), eg:
"Many sites connected to the Internet make use of address blocks
designated in [RFC1918] for private use. These blocks span 10.0.0.0
- 10.255.255.255, 172.16.0.0-172.31.0.0, 192.168.0.0-192.168.255.255"
Section 4. Reverse DNS for Private-Use Addresses
"This means that sending queries out to the Internet is
not sensible:" -- perhaps you can replace the word sensible with
one that is less charged? Perhaps "pointless"? Yes, sending queries
to the Internet *is not* sensible, but once someone is pointed at
this doc they are probably a: a bit panicked, b: riled up and c:
going to be a bit touchy.
Anyway, these really are very minor points, and I'm really glad
that you have taken the time to write this.
Warren.
.
dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
