I'm responding to the relevant WG as requested.
I think the document is useful and realistic, given the real world
in which firewalls live. I think OPSEC is the appropriate WG to adopt it.
I am not convinced it should be a BCP; partly for the reason Joe
gives, and partly because the advice may evolve in the light of
experience. Making the document Informational softens that difficulty.
Brian
On 25/09/2014 07:39, Joe Touch wrote:
> I am concerned about V6OPS advice that effectively deprecates IPv6
> capabilities in a BCP. IMO, if these are significant security or
> performance issues, they should be reviewed within INTAREA as updates to
> the IPv6 spec.
>
> To do this in a BCP undermines the spec without updating it.
>
> Some other comments:
>
> The advice sections in this doc fail to use RFC2119-style
> recommendations. In some cases, lower-case is used, and in other cases
> odd phrasing is used that avoids RFC2119 keywords.
>
> If this is indeed advice in the form of a BCP, the actual advice should
> be provided in RFC2119-style format.
>
> Also, the term "intermediate systems" is used in a NOTE and is not
> defined; this doc should clearly identify the type of systems that it is
> intended for (e.g., routers).
>
> Joe
>
> On 9/24/2014 2:32 AM, Gunter Van de Velde (gvandeve) wrote:
>> Dear,
>>
>> OPSEC Chairs requested "Call for WG adoption" on
>> draft-gont-opsec-ipv6-eh-filtering.
>>
>> Please voice your reflexions in OPSEC WG
>>
>> G/
>>
>> -----Original Message-----
>> From: OPSEC [mailto:[email protected]] On Behalf Of Gunter Van de Velde
>> (gvandeve)
>> Sent: 24 September 2014 11:28
>> To: [email protected]
>> Subject: [OPSEC] Call for WG adoption - Recommendations on Filtering of IPv6
>> Packets Containing IPv6 Extension Headers
>>
>> Dear,
>>
>> Please find this request for WG adoption for "Recommendations on Filtering
>> of IPv6 Packets Containing IPv6 Extension Headers"
>> The authors of the work explicitly asked for "Call for WG adoption" in its
>> current state.
>>
>> Latest draft can be found at:
>> http://tools.ietf.org/html/draft-gont-opsec-ipv6-eh-filtering-02
>>
>> (1) Do you support for adopting the draft as OPSEC WG item?
>>
>> This call for WG adoption will end 8 October 2014.
>>
>> Kind Regards,
>> OPSEC chairs
>>
>> _______________________________________________
>> OPSEC mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/opsec
>>
>> _______________________________________________
>> v6ops mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/v6ops
>>
>
> _______________________________________________
> v6ops mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/v6ops
>
_______________________________________________
OPSEC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsec
