I do not see why the ITU has to start from zero. There are several (or
some at least) very good RFC and I+D documents related to IPv6 security. I
think we should recommend them to ITU, it is good that they let us know, it
would be better if they use our work as a foundation.
just my 20 cents
-as
On 5 Jun 2011, at 00:10, John Leslie wrote:
> Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
>>
>> We received a liaison [1] from ITU-T saying they're
>> planning to start a couple of work items on the
>> security of IPv6. As far as we know, they envisage
>> developing a "technical guideline on deploying IPv6"
>> and "Security Management Guideline for implementation
>> of IPv6 environment in telecommunications
>> organizations." Bear in mind that they're just starting
>> so they know about as much as we would just before a
>> BoF or something like that.
>>
>> I think we'd like to respond to them that that's great,
>> and we'll be interested in their results, but can they
>> *please* come back to us before saying something should
>> be changed so's we can talk about it.
>
> I don't think that's quite right. We should welcome their studying
> security issues; but I think we need to _strongly_ encourage them to
> start from draft-ietf-6man-node-req-bis when it becomes an RFC -- since
> it has _significant_ changes from RFC 4294 (and an ITU-T study based
> on RFC4294 will be of rather limited value).
>
> Furthermore, ITU-T should NOT propose "changes" to IPv6 protocol
> or the Node Requirements. The language there should talk of documenting
> security "concerns" or "issues" or whatever term seems neutral enough;
> and list as the next step exchanging ideas of what "changes" might help.
>
> Clearly, ITU-T is entirely justified in publishing recommendations
> of what level of security-related-trust to place in IPv6 packet
> forwarding: but any protocol _changes_ are outside their bailiwick.
>
> (As an aside, IETF should resist most proposals for change until
> IPv6 sees widespread deployment -- deploying to a moving target is
> just TOO risky.)
>
> --
> John Leslie <j...@jlc.net>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
