Re: Comments on draft-ietf-v6ops-teredo-security-concerns-02

[Erik Nordmark <erik.nordmark@sun.com>]

Dave Thaler wrote:
> While almost all of the points in this document are valid,
> I have many comments (66 of them, not including the grammatical
> corrections) on the text in this document.
> Attached is a PDF with my comments in context.
>
> My most general feedback can be summed up with:
>
> It would be better to either recast this document as a "Tunnel
> Security Concerns" document, or to split it into two docs or
> sections, one for Teredo and one for generic tunneling issues.
> Personally, I would find it most useful as two separate docs,
> so that the first can be referenced from other "<blah> Security
> Concerns" docs that might be specific to other tunneling protocols.
> As is, I believe the current doc organization is harmful in two respects:
> 1) It may lead people to people that other tunneling protocols are
> more secure than they really are if they believe the lack of a
> similar statement/document means they don't have the problem.
> 2) It creates more work for the IETF when doing a "<blah> security
> Concerns" document for another tunneling protocol, since all the
> same points have to be repeated.

Dave,

I suspect it isn't tunneling in general that has these issues. For 
instance, I don't see these issues in RFC 4213.

Thus I think the class is restricted to tunneling protocols that are 
designed to bypass NAT boxes, since in many cases that means they also 
bypass the firewalls. Example protocols are IPsec (IKE/ESP) over UDP, IP 
over SSH or SSL.
At least those examples are associated with a protocol providing some 
security, but there are probably other tunneling protocols designed to 
bypass NATs using UDP that do not come with required security.

But my point is that the class is smaller than all tunneling protocols.

    Erik