Hello, Thanks for your feedback on draft-ietf-ipv6-scoping-arch-01.txt in IESG evaluation.
Below are my proposed resolutions to your comments. I'm planning to submit a new revision of the draft containing the resolutions next week. Any comments on the proposal by then would be highly appreciated. For reference, the full text of (the candidate of) new revision is available at: http://www.jinmei.org/draft-ietf-ipv6-scoping-arch-02rc1.txt Thanks, JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. [EMAIL PROTECTED] > Steve Bellovin: > Discuss: > [2004-07-06] The Security Considerations section should note that the > ambiguity of addresses means that unqualified source IP addresses > cannot safely be used in security contexts such as ACLs or IKE > negotiation. Proposed resolution: add the following paragraph at the head of security considerations section: The ambiguity of limited scope addresses has security implications. In particular, unqualified source IP addresses regarding their scope cannot safely be used in security contexts such as access control lists or key negotiations for IP security. > Comment: > [2004-07-06] The discussion of convex routing in Section 5 should > probably note that tunneled links are excluded from the prohibition. Proposed resolution: add the following sentence to the last bullet of the "additional properties" list in Section 5: [...] Note, however, that if a zone contains a tunneled link (e.g., an IPv6-over-IPv6 tunnel link [8]), a lower layer network of the tunnel can be located outside the zone without breaking the convexity property. -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
