Document: draft-ietf-v6ops-v6onbydefault-02
Reviewer: Spencer Dawkins
Date: May 26, 2004

Reasonably close, for Informational, but more than Nits remain.

- I'm a little confused about why 2.3.1.1 talks about aborting TCP connections that are in SYN-RECEIVED state. The problem statement said "no IPv6 router" - how did the SYN get to the host in the first place? The discussion makes perfect sense to me if it's limited to SYN-SENT.

- Section 2.1 talks about "rules" out of the blue, with no reference given explicitly. I THINK it's referring to the rules from Section 6 of [ADDRSEL], but that's not obvious to the semi-initiated.

- No reference is given for the assertion that "Many TCP implementations behave this way" in 2.3.1.1, or for the "work in progress" described at the end of 2.3.3.

So, you ask, is fixing these items enough?

I sympathize with the authors, but they are being forced to handwave on firewalling and NATing because we don't have BCPs on how to firewall, and this doesn't help them to be clear or complete. That's not a problem the authors can fix in this document.

But from one end of the document to the other, this problem complicates life - 3.3 talks about firewalls that don't enforce the same policy for IPv4 and IPv6, but where do we set the expectation that firewalls should, or don't have to, enforce the same policy? We do have RFC 2979, but it's Informational, does not contain the ASCII string "v6", and talks about what firewalls do, not how to operate firewalled networks. Sigh.

But maybe this document will be good enough for an Informational RFC. Sigh.

Spencer