This IETF-wide last call should be of definite interest to many developers in this WG. Please send any review comments to the addresses below, not to the IPsecME WG mailing list.
--Paul Hoffman Begin forwarded message: > From: The IESG <[email protected]> > Subject: Last Call: <draft-ietf-opsec-vpn-leakages-02.txt> (Virtual Private > Network (VPN) traffic leakages in dual-stack hosts/ networks) to > Informational RFC > Date: December 2, 2013 at 4:53:48 AM PST > To: IETF-Announce <[email protected]> > Cc: [email protected] > Reply-To: [email protected] > > > The IESG has received a request from the Operational Security > Capabilities for IP Network Infrastructure WG (opsec) to consider the > following document: > - 'Virtual Private Network (VPN) traffic leakages in dual-stack hosts/ > networks' > <draft-ietf-opsec-vpn-leakages-02.txt> as Informational RFC > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > [email protected] mailing lists by 2013-12-16. Exceptionally, comments may be > sent to [email protected] instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > > The subtle way in which the IPv6 and IPv4 protocols co-exist in > typical networks, together with the lack of proper IPv6 support in > popular Virtual Private Network (VPN) products, may inadvertently > result in VPN traffic leaks. That is, traffic meant to be > transferred over a VPN connection may leak out of such connection and > be transferred in the clear from the local network to the final > destination. This document discusses some scenarios in which such > VPN leakages may occur, either as a side effect of enabling IPv6 on a > local network, or as a result of a deliberate attack from a local > attacker. Additionally, it discusses possible mitigations for the > aforementioned issue. > > > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-ietf-opsec-vpn-leakages/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-ietf-opsec-vpn-leakages/ballot/ > > > No IPR declarations have been submitted directly on this I-D. > > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
