[EMAIL PROTECTED] writes:
> James,
>
> >Ed Jankiewicz writes:
> >> As Jim Bound has stated many times, IETF defines standards not
> >> deployment, and the Node Requirements revision should reiterate that
> >> the standard for security in IPv6 is IPsec citing RFC 4301 (successor
> >> to 2401). OTOH, we at DoD and NIST are certainly addressing
> >> deployment
> >
> >That's an argument for: "if you claim to implement security at
> >all with IPv6, you must at least implement IPsec as described
> >in {insert references}."
> >
> >It's not a good argument for "everyone must implement security
> >in all cases in order to be considered a good IPv6 citizen,
> >even if they have no plans to use those security protocols, so there."
>
> Well, I would say that we (HW, SW, Platform providers) cannot expect to
> understand all of the ways that their products will be deployed, so it
> is extremely

Some platform vendors _do_ sell into markets where deployments are
well understood. Others, as you rightly note, do not.
I don't see a reason to saddle vendors who don't need a particular
feature with an empty requirement to provide it anyway.

> hard to state "security is not needed." I am sure we can find a few
> corner cases, but I find it hard to believe that we can accept this as
> a general truism.

If we can't assert that it's true in all cases, then why use "MUST"?

> The Security Area has clearly stated that security is important; having
> mechanisms to secure protocols is mandatory; multiple non-mandatory
> solutions decrease security.

I agree with the first and last of those, but not necessarily the
second. That's why I believe that the text should say:

    SHOULD implement IPsec

and perhaps even:

    if any security protocols are implemented, then MUST implement
    at least IPsec

That leaves room for vendors who have no need of IPsec to comply with
the requirements.

It seems to me that what might be missing here is the definition of
"SHOULD." It's not a whimsical requirement. That word has special
meaning in this context:

    3. SHOULD This word, or the adjective "RECOMMENDED", mean that there
       may exist valid reasons in particular circumstances to ignore a
       particular item, but the full implications must be understood and
       carefully weighed before choosing a different course.

In other words, vendors who don't know what they're doing, and don't
understand the full implications of it, are required to follow the
recommendation. Those who don't follow it need to know exactly what
they're doing and why the choice is right -- which matches up exactly
with your "few corner cases" comment above.

> I interpret this to mean that if you have IPv6, you need a common
> mechanism to secure it.

No ... it means that if you have any common security mechanism, then
you need to provide a single common one. Providing more than one is
not as good, but, clearly, providing zero is reasonable provided that
you _know_ nobody will use it anyway.

--
James Carlson, Solaris Networking <[EMAIL PROTECTED]>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------