Thanks Margaret for opening up discussions on each of the specific points you raised. I think we do need the discussion.

> Now, I don't actually live under a rock, so I do understand that most
> of today's IPv6 nodes don't actually implement IP Security. In the
> past, however, the IESG had mandated that IP Security would be a
> mandatory part of IPv6, and I don't believe that they've changed that
> statement.

First I'd just like to note that the main approach to security is outlined in the beginning of section 3. Section 2.4 text is just a consequence of that.

Now, I actually believe there's today a better understanding of what security is required when, and what are the true capabilities of various security mechanisms than back when some of the base IPv6 RFCs were created. What we describe in section 3 tries to reflect some of that new understanding.

In particular, we realize that there are a few different security mechanisms, and often IETF application protocol RFCs specify a particular security mechanism to be used. This isn't always IPsec. In other cases a single mechanism is simply the most appropriate one. As an example of this, consider the use of TLS vs. IPsec for web access; I think the appropriate security mechanism is quite clear in this case.

Secondly, we now have a better understanding of what IPsec can do in the area of protecting IPv6 control signaling -- it can do things, but not perhaps quite as much as was originally believed [1, 2, 3]. IPsec is, however, obviously used in e.g. corporate intranet access and VPN solutions.

Therefore we feel that on size- and power-constrained devices one should select the implemented security mechanisms based on the requirements of the applications rather than a general rule. The general rules aren't very good if in the end the application RFC you were running would demand something else than the general rule, or if the deployment at the other end was something else. This conclusion seems to be supported by other approaches to host requirements [4].

In any case, I'd be very happy to get feedback on exactly what we should write as the host requirements for security. I'm reasonably happy with what we have written -- in particular I believe this is roughly where the world seems to be heading -- but if you have other ideas or improvement suggestions, please present them!

Jari

----

[1] http://search.ietf.org/internet-drafts/draft-kempf-ipng-netaccess-threats-00.txt
[2] http://www.arkko.com/publications/draft-arkko-manual-icmpv6-sas-00.txt
[3] http://www.ietf.org/internet-drafts/draft-arkko-mipv6-bu-security-01.txt
[4] http://search.ietf.org/internet-drafts/draft-okabe-ipv6-lcna-minreq-01.txt

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
