I do not see why the ITU has to start from zero. There are several (or some at least) very good RFC and I+D documents related to IPv6 security. I think we should recommend them to ITU, it is good that they let us know, it would be better if they use our work as a foundation.
just my 20 cents -as On 5 Jun 2011, at 00:10, John Leslie wrote: > Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: >> >> We received a liaison [1] from ITU-T saying they're >> planning to start a couple of work items on the >> security of IPv6. As far as we know, they envisage >> developing a "technical guideline on deploying IPv6" >> and "Security Management Guideline for implementation >> of IPv6 environment in telecommunications >> organizations." Bear in mind that they're just starting >> so they know about as much as we would just before a >> BoF or something like that. >> >> I think we'd like to respond to them that that's great, >> and we'll be interested in their results, but can they >> *please* come back to us before saying something should >> be changed so's we can talk about it. > > I don't think that's quite right. We should welcome their studying > security issues; but I think we need to _strongly_ encourage them to > start from draft-ietf-6man-node-req-bis when it becomes an RFC -- since > it has _significant_ changes from RFC 4294 (and an ITU-T study based > on RFC4294 will be of rather limited value). > > Furthermore, ITU-T should NOT propose "changes" to IPv6 protocol > or the Node Requirements. The language there should talk of documenting > security "concerns" or "issues" or whatever term seems neutral enough; > and list as the next step exchanging ideas of what "changes" might help. > > Clearly, ITU-T is entirely justified in publishing recommendations > of what level of security-related-trust to place in IPv6 packet > forwarding: but any protocol _changes_ are outside their bailiwick. > > (As an aside, IETF should resist most proposals for change until > IPv6 sees widespread deployment -- deploying to a moving target is > just TOO risky.) > > -- > John Leslie <j...@jlc.net> > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------