Document: draft-ietf-v6ops-security-overview-04.txt
Reviewer: "Sharon Chisholm"
Review Date: Wednesday 6/7/2006 10:28 AM CST
IESG Telechat Date: Thursday, 08 June 2006

Summary: This draft is basically ready for publication, but has nits that should be fixed before publication.

I've completed my review and only managed to find a few more minor nits:

7. In section 2.4, it seems there are two typos: accpetable and mecahnism.

8. In section 3.3, the term SOHO is used but not explained. I'm guessing it is Small Office/Home Office after a bit of googling.

9. In appendix B, first paragraph, it says "The generation of IPv6 addresses of IPv6 addresses from MAC addresses" while I imagine it should read "The generation of IPv6 addresses from MAC addresses".

-------------------------------------------------------------------------

Review Date: Thursday, May 25, 2006 9:55:19 AM CST
IESG Telechat Date: Thursday, 25 May 2006

Summary: This draft is basically ready for publication, but has nits that should be fixed before publication.

Comments: I somehow wasn't paying attention and only realized at the last minute that I was assigned this review for today's meeting. Apologies for the lateness and incompleteness of this review. I only managed to review to the end of section 2.3.

1. In section 1, second paragraph, it says "It is important to understand that we have to be concerned not about replacing IPv4 with IPv6", which seems a bit bold of a statement without a clarification like "in the near future" or some form of explanation.

2. In section 2.1.1, second paragraph and after the bullets, there is a typo - "point wher it is being ".

3. The document contains a number of references to internet drafts that originally defined the problems discussed. The document claims "Several of these issues have been discussed in separate drafts but are summarized here to avoid normative references that may not become RFCs", but it isn't clear what the RFC editor should do. Should it delete all these references or just delete the ones that are not RFCs at the time of publication, or should it evaluate which it thinks will someday become RFCs and then wait for them?

4. Section 2.1.9.1 does not make a recommendation. Are we suggesting that middleware boxes should inspect these packets or just letting people know about the conflict? A recommendation of some sort would seem more satisfying.

5. In section 2.1.9.2, the third paragraph says that "This either limits the security that can be applied in firewalls or makes it difficult to deploy new extension header types", but I did not find information in this section to support that conclusion. It may well be true, but it isn't supported. Why is it difficult to skip over header extensions I don't recognize, for example?

6. In section 2.3.2, second paragraph, second bullet, isn't it mandatory to implement IPsec in IPv6 but it isn't mandatory to deploy it, is it? I'm not sure this distinction is clear in this bullet. (Assuming my understanding is correct, that is.)