I have read the latest version (-06) of the draft and find it helpful. One (minor) comment:
4.4. DNS Reverse Mappings ... Basically, an attacker would walk the ip6.arpa zone corresponding to a target network (e.g. "0.8.0.0.8.b.d.0.1.0.0.2.ip6.arpa." for "2001:db8:80::/32"), ... "2001:db8:80::/32" shuold be "2001:db8:80::/48". Thanks, Tomoyuki
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
