Last Call Review of draft-ietf-6man-text-addr-representation-
| Requested rev. | no specific revision (document currently at 07) |
| Type | Last Call Review |
| Team | Security Area Directorate (secdir) |
| Draft last updated | 2010-01-31 |
Secdir Last Call review of -?? by Taylor Yu
This draft indicates that it has no security considerations. I think that conflicts with Section 3.2.5, which gives an example of inappropriate (textual) verification of IPv6 addresses in an X.509 certificate. Although (in my understanding) IPv6 addresses in X.509 certificates are in binary form and probably should be compared as such, if the authors feel the need to explicitly call out an example of inappropriate textual verification of addresses, which could have security consequences if the address values in question are used for access control.

The text in Section 3.3.3 about network abuse reporting would also appear to have some operational (but probably not protocol) security consequences, especially if a network operator would need to respond rapidly to an ongoing attack.

Editorial: In Section 3.3.2, I believe the claim that IPv4 addresses cannot be abbreviated is false. Historically, BSD implementations of textual IPv4 address parsing have accepted a number of variant abbreviated notations. I think they have generally output canonical dotted-quad IPv4 addresses though.
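
The difference between textual and binary comparison raised in the review, as an added example that is not part of the review or the draft: it uses Python's standard `ipaddress` module to compare a certificate's 16-octet address against an access-control entry. The spellings are constructed samples of one address, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: several valid textual spellings of the same IPv6
# address (leading zeros, different "::" placement, upper case).
SPELLINGS = [
    "2001:db8:0:0:1:0:0:1",
    "2001:0db8:0:0:1:0:0:1",
    "2001:db8::1:0:0:1",
    "2001:db8::0:1:0:0:1",
    "2001:db8:0:0:1::1",
    "2001:DB8:0:0:1::1",
]


def san_octets(text):
    """Return the 16 octets an X.509 iPAddress field carries for this address."""
    return ipaddress.IPv6Address(text).packed


def textual_match(shown_text, allowed_text):
    """Inappropriate check: compares spellings, not address values."""
    return shown_text == allowed_text


def binary_match(cert_octets, allowed_text):
    """Parse the configured entry once, then compare the binary values."""
    try:
        allowed = ipaddress.ip_address(allowed_text)
    except ValueError:
        return False  # an unparsable ACL entry never matches
    return allowed.packed == cert_octets


def canonical(text):
    """Single canonical spelling, for logs and reports."""
    return str(ipaddress.IPv6Address(text))


def compare_all(allowed_text):
    """For each spelling: (spelling, textual result, binary result)."""
    return [(s, textual_match(s, allowed_text),
             binary_match(san_octets(s), allowed_text)) for s in SPELLINGS]


if __name__ == "__main__":
    for spelling, textual, binary in compare_all("2001:db8::1:0:0:1"):
        print(f"{spelling:26} textual={textual!s:5} binary={binary}")
```
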