On 05/06/11 21:30, Arturo Servin wrote: > > I do not see why the ITU has to start from zero.
What Eliot said. > There are several (or some at least) very good RFC and I+D documents related > to IPv6 security. Sure. Feel free to send RFC numbers and we'll include some in the draft response that we'll circulate in a while. (So no need to spam everyone with those, just sending your suggestions to Eliot, Sean and I will be enough.) Thanks, S. > I think we should recommend them to ITU, it is good that they let us know, it would be better if they use our work as a foundation. > > just my 20 cents > -as > > > On 5 Jun 2011, at 00:10, John Leslie wrote: > >> Stephen Farrell <[email protected]> wrote: >>> >>> We received a liaison [1] from ITU-T saying they're >>> planning to start a couple of work items on the >>> security of IPv6. As far as we know, they envisage >>> developing a "technical guideline on deploying IPv6" >>> and "Security Management Guideline for implementation >>> of IPv6 environment in telecommunications >>> organizations." Bear in mind that they're just starting >>> so they know about as much as we would just before a >>> BoF or something like that. >>> >>> I think we'd like to respond to them that that's great, >>> and we'll be interested in their results, but can they >>> *please* come back to us before saying something should >>> be changed so's we can talk about it. >> >> I don't think that's quite right. We should welcome their studying >> security issues; but I think we need to _strongly_ encourage them to >> start from draft-ietf-6man-node-req-bis when it becomes an RFC -- since >> it has _significant_ changes from RFC 4294 (and an ITU-T study based >> on RFC4294 will be of rather limited value). >> >> Furthermore, ITU-T should NOT propose "changes" to IPv6 protocol >> or the Node Requirements. The language there should talk of documenting >> security "concerns" or "issues" or whatever term seems neutral enough; >> and list as the next step exchanging ideas of what "changes" might help. >> >> Clearly, ITU-T is entirely justified in publishing recommendations >> of what level of security-related-trust to place in IPv6 packet >> forwarding: but any protocol _changes_ are outside their bailiwick. >> >> (As an aside, IETF should resist most proposals for change until >> IPv6 sees widespread deployment -- deploying to a moving target is >> just TOO risky.) >> >> -- >> John Leslie <[email protected]> >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> [email protected] >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
