[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-v6ops-ipv6-cpe-router-04

To: "STARK, BARBARA H (ATTLABS)" <bs7652@att.com>
Subject: Re: draft-ietf-v6ops-ipv6-cpe-router-04
From: Mark Townsley <townsley@cisco.com>
Date: Mon, 29 Mar 2010 20:42:38 +0200
Cc: "Hemant Singh (shemant)" <shemant@cisco.com>, "Fred Baker (fred)" <fred@cisco.com>, Ole Troan <otroan@employees.org>, IPv6 v6ops <v6ops@ops.ietf.org>
In-reply-to: <750BF7861EBBE048B3E648B4BB6E8F4F126521C1@crexc50p>
References: <!&!AAAAAAAAAAAuAAAAAAAAAKTyXRN5/+lGvU59a+P7CFMBAN6gY+ZG84BMpVQcAbDh1IQAAAATbSgAABAAAACInobc2K8lT7XDVmAN62sdAQAAAAA=@iname.com> <4BACC0C9.2080201@gmail.com> <750BF7861EBBE048B3E648B4BB6E8F4F124AFDA0@crexc50p> <03DB7B96-7A82-4D6E-9E9E-DB63798E1075@employees.org> <0FBE8CDC-EE01-48B3-A143-A26FAB3DBBF4@apple.com> <4BAD305D.3070808@cisco.com> <2bbba3c11003270757g1846bec1u9bf19028c53bcb37@mail.gmail.com> <0F0BEC91-7970-407C-8E1B-B53E0EA732AD@cisco.com> <AF742F21C1FCEE4DAB7F4842ABDC511C012F49C6@XMB-RCD-114.cisco.com> <750BF7861EBBE048B3E648B4BB6E8F4F126521C1@crexc50p>
User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 3/29/10 3:46 PM, STARK, BARBARA H (ATTLABS) wrote:
> Eee! No! I disagree completely. It is clear to me that there is no
> consensus within the IETF as to what such a default will be. I don't see
> this changing. Therefore, there should be no default recommendation in
> either simple-security or cpe-router. Vendors and service providers are
> perfectly capable of deciding for themselves what default they want.If
> the IETF did manage to make a recommendation, I suspect that probably
> half of the vendors and service providers would choose to ignore that
> recommendation, no matter which way it went. Default enabled/disabled
> needs to be completely and totally out of scope for both documents.

Don't forget the case where the CPE doesn't have a service-provider
managing the gateway. The operational model (and importance of defaults)
is quite different when the primary operator is a consumer vs. an SP.

That's why there is all this stress over defaults. If all CPE in the
world were owned and operated by SPs with active management planes like
TR-69 and the like, a lot more would be "left up to configuration."

> 
>  
> 
> As for the sentence that Ole recommended adding ("Enabling or disabling
> this functionality MUST be user configurable."), that is (IMO)
> completely redundant with text that already exists inside
> simple-security:
> 
>    REC-41: Gateways MUST provide an easily selected configuration option
> 
>    that permits a "transparent mode" of operation that forwards all
> 
>    unsolicited flows regardless of forwarding direction, i.e. to disable
> 
>    the IPv6 simple security capabilities of the gateway.
> 
>  
> 
> Therefore, the additional sentence is unnecessary.
> 
> Support means support. 

It was confusing to me.

In general, the more words that get added to try
> to restate the same thing, over and over again, because you're worried
> people might not interpret the first set of words per your intent, the
> more likely it is that you will confuse people and cause them to
> misinterpret your intent. To me, the original text is simple, concise,
> and says exactly what it needs to say.

My experience is that certain things must be repeated to be heard. For
example, even if RFC 4864 plainly states "It does not specify an
Internet standard of any kind." people clearly interpret it as such, as
has been discussed at length here.

- - Mark

> 
> Barbara
> 
> <snip> Mark also commented on what does one mean by "support" in his
> email.  But now the bullet seems to need more work because soon as one
> says a feature is configurable, the next question others will ask is,
> "well, what's the default"?  So here is a little more modified text
> suggestion from me for the relevant bullet.
> 
> S-1:  The IPv6 CE router SHOULD implement
> [I-D.ietf-v6ops-cpe-simple-security]. Enabling or disabling the security
> functionality MUST be user configurable.  The default for whether simple
> security is enabled or disabled is specified in
> I-D.ietf-v6ops-cpe-simple-security].
> 
> Now so we have single source to reference our bullet's properties from;
> the source being the I-D.ietf-v6ops-cpe-simple-security.  Now it's up to
> v6ops as a WG to nail down which of enabled or disabled is the default
> in the I-D.ietf-v6ops-cpe-simple-security.document.
> 
> Hemant </snip>
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJLsPSeAAoJEBAcHDFx3DUIbQEH/3hREpnA76JnTffhnZQhnSEH
A1o92J9tir4Z94FgMM5FvxMFtv7r2Sa0p9abYze1hW2jvev6uqeWUKkV9kGjNWtL
SzmyJtkGv411WY0VLP9se5wDP3AkFjViZTkFnkyfyAsXPVl0NBBp5aZglxN3D3Wq
f1ktYeXxB9ntsJucvlMDVEx4aq6vR9UCeAISGCzdYjluHqTNTlvzK3Oy2Vz3mhOr
boCwN4bE4h6/XzRQeo3Qp5X/VQVfZ/OY4Cb6Tu/8RyKwfr6jJ0tMn8Zm2tfy8w9K
KVMre5z7VEU/kAHoAKqN27ZJ/qOzf7b3MycYyc8OPMCY0oRpdJvv6xyLzo5mpxY=
=CVb/
-----END PGP SIGNATURE-----

Follow-Ups:
- RE: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: "STARK, BARBARA H (ATTLABS)" <bs7652@att.com>

References:
- Re: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: james woodyatt <jhw@apple.com>
- Re: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: Mark Townsley <townsley@cisco.com>
- Re: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: Ole Troan <otroan@employees.org>
- Re: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: Fred Baker <fred@cisco.com>
- RE: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: "Hemant Singh (shemant)" <shemant@cisco.com>
- RE: draft-ietf-v6ops-ipv6-cpe-router-04
  - From: "STARK, BARBARA H (ATTLABS)" <bs7652@att.com>

Prev by Date: Re: simple security
Next by Date: RE: draft-ietf-v6ops-ipv6-cpe-router-04
Previous by thread: RE: draft-ietf-v6ops-ipv6-cpe-router-04
Next by thread: RE: draft-ietf-v6ops-ipv6-cpe-router-04
Index(es):
- Date
- Thread