RE: draft-ietf-opsec-infrastructure-security-01 - Infrastructure Hiding

["Barry Greene \(bgreene\)" <bgreene@cisco.com>]

Section 6 is evolving to a BCP through providers deployment. So it is
hard to argue against section 6. The principles behind core hiding have
analogies in other field (Electronic Warfare is one example). 

One editorial:

   Hiding the infrastructure of the network provides one layer of
   protection to the devices that make up the network core.  By hiding
   those devices (making them unreachable) successful execution of
   denial of service attacks becomes far more difficult.

DOS is one reason. If I cannot target the infrastructure, then I cannot
attack the infrastructure. I suggest rephrasing this to not be about DOS
and to be more generic. For examples, port scans go away with
application of many of the core hiding techniques.