RE: SECDIR review: draft-ietf-v6ops-tunnel-concerns

[Christian Huitema <huitema@windows.microsoft.com>]

> My feeling is that we need to tell IT managers something like
> "If your users have a need for IPv6 tunnels, here is how to
> make them as safe as possible:
>
>  <description of mechanisms, e.g. for detecting DoS,...>

I agree. Change the message to a positive tone. Start with the assumption that tunnels are going to happen one way or another, then work from there to specify the safe deployment guidelines, as appropriate for the various deployment cases.

-- Christian Huitema