As you know by now, there will be no OPSEC WG meeting at IETF-103 in November (there was only 1 item on the agenda). So, the authors of opsec-v6 document would like to start discussion on the latest revision. Please find below the link to the differences between -12 and -14 (so two revisions).
https://tools.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-14.txt&url1=draft-ietf-opsec-v6-12.txt It is mainly about: - Section 2.1 Addressing Architecture: adding RFC 7934 reference w/ multiple addresses per host - Section 2.1.2 Use of ULAs: 95% complete rewrite - Section 2.1.3: Point-to-point links: text simplified - Section 2.1.4: Temporary addresses: added reference to RFC 8064 (stable address), text more in favor of privacy addresses, text simplification - Section 2.2: extension headers: the introduction paragraph is clarified and split in two - Section 2.2.1. Order and Repetition of Extension Headers: add recommendation to use firewall (if required) supporting header filtering - Section 2.2.2: hop by hop extension header: complete rewrite in line with RFC 8200 - Section 2.3.1. Securing DHCP: added some text around secure DHCPv6 - Section 2.6.2.1. Forensic: added clarification - Section 2.6.2.2. Inventory: removed the paragraph about NXDOMAIN & NOERROR in DNS zone enumeration - Section 2.6.2.3. Correlation: added text on multiple IPv6 addresses per node (per RFC 7934) - Section 2.7.2.6. Teredo & 6to4: moved to the end of the tunnel section + text about their current status Comments are of course welcome. -éric -merike -enno -kk
_______________________________________________ OPSEC mailing list OPSEC@ietf.org https://www.ietf.org/mailman/listinfo/opsec