Appreciate that Fernando. Eric did a great job enumerating the actual changes
which stemmed from the comments made in last 2 meetings and
the mailing list. We did go back to review the videos of the meetings and hope
we addressed (pun intended :)) all issues that were pointed out.
Looking forward to seeing comments from the review from you and rest of working
group.
- merike
> On Oct 24, 2018, at 3:24 PM, Fernando Gont wrote:
>
> Hi, Eric,
>
> I was just abut to re-read the previous version of the I-D. Wil read the
> last one you posted and send comments.
>
> Thanks!
>
> Cheers,
> Fernando
>
>
>
>
> On 10/24/18 8:36 AM, Eric Vyncke (evyncke) wrote:
>> As you know by now, there will be no OPSEC WG meeting at IETF-103 in
>> November (there was only 1 item on the agenda). So, the authors of
>> opsec-v6 document would like to start discussion on the latest revision.
>> Please find below the link to the differences between -12 and -14 (so
>> two revisions).
>>
>>
>>
>> https://tools.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-14.txt&url1=draft-ietf-opsec-v6-12.txt
>>
>>
>>
>>
>> It is mainly about:
>>
>> - Section 2.1 Addressing Architecture: adding RFC 7934 reference w/
>> multiple addresses per host
>>
>> - Section 2.1.2 Use of ULAs: 95% complete rewrite
>>
>> - Section 2.1.3: Point-to-point links: text simplified
>>
>> - Section 2.1.4: Temporary addresses: added reference to RFC 8064
>> (stable address), text more in favor of privacy addresses, text
>> simplification
>>
>> - Section 2.2: extension headers: the introduction paragraph is
>> clarified and split in two
>>
>> - Section 2.2.1. Order and Repetition of Extension Headers: add
>> recommendation to use firewall (if required) supporting header filtering
>>
>> - Section 2.2.2: hop by hop extension header: complete rewrite in line
>> with RFC 8200
>>
>> - Section 2.3.1. Securing DHCP: added some text around secure DHCPv6
>>
>> - Section 2.6.2.1. Forensic: added clarification
>>
>> - Section 2.6.2.2. Inventory: removed the paragraph about NXDOMAIN &
>> NOERROR in DNS zone enumeration
>>
>> - Section 2.6.2.3. Correlation: added text on multiple IPv6 addresses
>> per node (per RFC 7934)
>>
>> - Section 2.7.2.6. Teredo & 6to4: moved to the end of the tunnel
>> section + text about their current status
>>
>>
>>
>> Comments are of course welcome.
>>
>>
>>
>> -éric -merike -enno -kk
>>
>>
>>
>>
>>
>>
>> ___
>> OPSEC mailing list
>> OPSEC@ietf.org
>> https://www.ietf.org/mailman/listinfo/opsec
>>
>
>
> --
> Fernando Gont
> SI6 Networks
> e-mail: fg...@si6networks.com
> PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
> ___
> OPSEC mailing list
> OPSEC@ietf.org
> https://www.ietf.org/mailman/listinfo/opsec
>
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec