[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback

To: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
Subject: Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
From: Fred Baker <fred@cisco.com>
Date: Sun, 8 Aug 2010 16:05:36 -0700
Cc: james woodyatt <jhw@apple.com>, Toerless Eckert <eckert@cisco.com>, IPv6 Operations <v6ops@ops.ietf.org>, mboned@ietf.org
In-reply-to: <20100808193040.1063ffb1@opy.nosense.org>
References: <20100728072319.GU26000@cisco.com> <430696D0-EA0E-438A-B46F-D6DCD00652E0@apple.com> <20100728080009.GZ26000@cisco.com> <99D85A94-0DDF-4950-8151-035024CE8105@apple.com> <0D448E93-070E-478D-911F-60606DFE3441@cisco.com> <62860430-A9D7-46E2-8600-298810C18089@apple.com> <20100807101911.2dbbd430@opy.nosense.org> <F8471906-675A-478C-B86B-C6940A580E32@cisco.com> <20100808193040.1063ffb1@opy.nosense.org>

On Aug 8, 2010, at 3:00 AM, Mark Smith wrote:

> It might be better to say in this draft something like, "all
> multicast traffic is not to be forwarded by the CPE, unless appropriate
> multicast traffic security mechanisms have been implemented. Such
> multicast security mechanisms are out of scope for this memo." (or
> addressed in a multicast security RFC that I'm not aware of.)

Again, I'm wrestling with the distinction between the security draft and the CPE Router draft. Absent the configuration of some form of multicast routing, I would be surprised by the router forwarding anything at all. Configuration of routing protocols or mechanisms, and routing behaviors on or off by default, sounds more like the subject of the CPE Router draft to me. I should think that the security draft is about filters - "presuming that a standard router would choose to forward the datagram, is there any other policy that would prevent it?" A standard router doesn't do a thing with MLD unless it is configured to do so.

Follow-Ups:
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>

References:
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: james woodyatt <jhw@apple.com>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: james woodyatt <jhw@apple.com>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: Fred Baker <fred@cisco.com>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: james woodyatt <jhw@apple.com>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: Fred Baker <fred@cisco.com>
- Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>

Prev by Date: Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
Next by Date: draft-ietf-v6ops-cpe-simple-security-12 - default behavior
Previous by thread: Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
Next by thread: Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback
Index(es):
- Date
- Thread