[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

From: Rémi Després <remi.despres@free.fr>
Date: Fri, 24 Sep 2010 09:16:13 +0200
Cc: IPv6 Operations <v6ops@ops.ietf.org>
In-reply-to: <B9595010-ACEE-4778-8B79-07AE5DBCF0B7@apple.com>
References: <20100424073001.82A893A6841@core3.amsl.com>

<A06FFD19-AE3E-42C5-9D32-CE0E0CA1D50F@free.fr>
<B9595010-ACEE-4778-8B79-07AE5DBCF0B7@apple.com>
To: james woodyatt <jhw@apple.com>
X-Mailer: Apple Mail (2.1081)
Sender: owner-v6ops@ops.ietf.org
Precedence: bulk
List-ID: <v6ops.ops.ietf.org>


Le 24 sept. 2010 à 01:01, james woodyatt a écrit :

> On Jun 22, 2010, at 06:28 , Rémi Després wrote:
>> 
>> The current REC 43 says:
>> 
>> -"Gateways MUST provide an easily selected configuration option that permits a "transparent mode" of operation

If I may rephrase the point:
A mandatory option 'that permits X' does imply, in my understanding, that you don't get X by default.
It doesn't suggest (as it should in view of the expressed consensus) that the default behavior MAY be X (then with an option "that deactivates X").

>> that forwards all unsolicited flows regardless of forwarding direction, i.e. to disable the IPv6 simple security capabilities of the gateway."
>> 
>> This seems to imply that, if a CPE supports the default simple security, it should have it enabled by default. 
>> In my understanding of what was agreed, each manufacturer would decide whether the default configuration would be "transparent mode" or not.
>> 
>> To reflect this, REC 43 could, for example, be:
>> -"Gateways that support simple security MUST  provide an easily selected configuration option that, if the default configuration has simple security enabled, permits a "transparent mode" of operation that forwards all unsolicited flows regardless of forwarding direction, or that, if the default configuration has "transparent mode" enabled, enables the filtering of unsolicited incoming flows." 
> 
> So, I'm preparing a -13 revision to fix some technical issues related to Mobility Support.  In the interests of heading off yet another repeat of this editorial discussion with Rémi and the group immediately after I post the draft, I'd like to get out in front and ask the working group if anyone else finds the existing language to be insufficiently specific on this point.
> 
> It's my reading of the current text that-- reflecting the state of play in the community as a whole on this question-- it makes no recommendation on whether "transparent" or "simple security" mode should be the DEFAULT configuration, and it's my opinion as editor that explicitly pointing out the lack of an explicit recommendation for a DEFAULT configuration would explicitly be an exercise in explicit verbosity for the sake of promoting explicitness and verbosity in working group documents.  And more wordiness.  Don't forget the wordiness, not to be confused with verbosity.  Wordiness.  Mmmm, crunchy crunchy words.

> 
> I could see possibly addressing Rémi's concern by appending a short sentence that says, "The 'transparent' mode MAY be the DEFAULT configuration."

This, I agree, is a more concise and therefore a better way to cover my point.
Thanks.

Regards,
RD



> 
> This is an editorial issue, and not a technical one, so there is no particular rush to get this settled.  My plan was to defer this question to the RFC Editor.  However, if there is a great hue and cry in the group for me to make this change now, and no major objections to it, then I may as well do it.  What's the groupthink on this?
> 
> 
> --
> james woodyatt <jhw@apple.com>
> member of technical staff, communications engineering
> 
>

References:
- I-D Action:draft-ietf-v6ops-cpe-simple-security-11.txt
  - From: Internet-Drafts@ietf.org
- Re: draft-ietf-v6ops-cpe-simple-security
  - From: james woodyatt <jhw@apple.com>

Prev by Date: Re: draft-ietf-v6ops-cpe-simple-security
Next by Date: [no subject]
Previous by thread: Re: draft-ietf-v6ops-cpe-simple-security
Next by thread: Re: [Editorial Errata Reported] RFC4213 (2172)
Index(es):
- Date
- Thread