On Wed, 18 Mar 2015, joel jaeggli wrote: > We got a new version of this draft on 2/25 which I kinda of lost track > of in the midst of two IESG review calls. > > http://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-opsec-dhcpv6-shield-06.txt > > It stops short of my interpretation of Ted's position, with the > reordered and clarified test in section 3.
The text in Section 3 seems to have dropped the step saying that if the packet is identified to be a DHCPv6 packet meant for a DHCPv6 client then DHCPv6-Shield MUST drop the packet. The new explanatory text in the security considerations looks good to me. //cmh _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
