Sure, that works, but few nits;
- The first "GRE" in in the second sentence seems redundant, I'd suggest
just removing it.
- Except for applying to IPv6, the fourth sentence says almost the same
thing as the third sentence. I'd suggest adding ", including IPv6" to
the second sentence, and remove the fourth sentence all together.
- The double use of the word "beyond" in the last sentence seems
redundant as well. Maybe substitute, "Otherwise," for "Beyond that," at
the beginning of the sentence.
Putting those together you get;
The security section of [RFC 4023] identifies threats encountered when
MPLS is deliver over GRE. These threats apply equally to any payload
that is delivered over GRE, including IPv6. As stated in RFC 4023, these
threats can be mitigated by authenticating and/or encrypting the
delivery packet using IPSec [RFC 4301] procedures. Otherwise, the
current specification introduces no security considerations beyond those
mentioned in RFC 2784.
More generically, security considerations for IPv6 are discussed in
[RFC4942], operational security for IPv6 is discussed in
[I-D.ietf-opsec-v6], and security concerns for tunnels in general are
discussed in [RFC6169].
On 4/10/15 17:24 , Ronald Bonica wrote:
David, Lucy,
Having thought about it a little more, would you mind if I crafted the text as
follows:
The security section of [RFC 4023] identifies threats encountered when MPLS is
deliver over GRE. These threats apply equally to any GRE payload that is
delivered over GRE. As stated in RFC 4023, these threats can be mitigated by
authenticating and/or encrypting the delivery packet using IPSec [RFC 4301]
procedures. When the payload is IPv6, they can also be mitigated by
authenticating and/or encrypting the payload using IPSec. Beyond that, the
current specification introduces no security considerations beyond those
mentioned in RFC 2784.
More generically, security considerations for IPv6 are discussed in [RFC4942],
operational security for IPv6 is discussed in [I-D.ietf-opsec-v6], and security
concerns for tunnels in general are discussed in [RFC6169].
Ron
--
================================================
David Farmer Email: [email protected]
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 1-612-626-0815
Minneapolis, MN 55414-3029 Cell: 1-612-812-9952
================================================
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
