wrapping up. On 3/23/14, 7:57 AM, joel jaeggli wrote: > Hi, > > I hope that you folks are recovering well from IETF meeting related > excesses and accompanying travel. > > Some questions came up in the IESG review of the document that are more > appropriately answered by the working group rather than by me attempting > to channel you folks. > > https://datatracker.ietf.org/doc/draft-ietf-opsec-vpn-leakages/ > > 1. Does the working-group view view disabling IPV6 in deployed equipment > due to operational necessity as a desirable outcome.
Feedback I heard was. Not desirable, sometimes necessary. Dovetails with 7123 advice. Tweak the applicability/language so it probably represents the subset of vpns to which this applies. As a vpn developer it is in fact hard to prevent route inject even in the v6 supporting case. > 2. Does the working-group characterize the problem of vpn leakages > captured in this document as being distinct from the problems posed by > split-tunnels in general. With respect to the deliberate of the choice yes. as a distinct class of problem no, also applies to v6 supporting vpn applications used deliberately. > Your thoughts would be appreciated. Thanks, this is information that I can use with the IESG. > joel > > > > > _______________________________________________ > OPSEC mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsec >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
