[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-v6ops-ipv6-cpe-router-04
I have not yet sent it to the IEG. If you want to change it, post one now.
In any event, I expect there would be another round of community review.
On Mar 27, 2010, at 7:57 AM, Ole Troan wrote:
> Mark, et al,
>
> [removed ipv6]
>
>>>>> Yeah, I think that after the bloody simple-security debates of the past
>>>>> week, that many are amazed that anyone on this list was able to miss the
>>>>> carnage. Anyway, the current CPE router draft has the following security
>>>>> requirements in section 4.4:
>>>>>
>>>>> S-1: The IPv6 CE router SHOULD support
>>>>> [I-D.ietf-v6ops-cpe-simple-security].
>>>>>
>>
>> What does "support" mean?
>>
>> I would like it to be very clear that "support" does not imply that it be
>> set to "transparent" or "non-transparent" mode by default, just that the
>> functionality exist and be available to be turned on or off.
>
> that was also indeed my understanding when we wrote that requirement.
>
> would this be even clearer:
>
> S-1: The IPv6 CE router SHOULD support
> [I-D.ietf-v6ops-cpe-simple-security]. Enabling or disabling this
> functionality MUST be user configurable.
>
> to me this means that the default would be decided by a vendor or operator.
>
> not quite sure what the process is for updating a draft which has passed WG LC?
>
> cheers,
> Ole
>
http://www.ipinc.net/IPv4.GIF