Last Call Review of draft-arkko-townsley-coexistence-

Request Review of draft-arkko-townsley-coexistence
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-10-19
Requested 2010-09-15
Authors Jari Arkko, Mark Townsley
Draft last updated 2010-10-11
Completed reviews Secdir Last Call review of -?? by Shawn Emery
Assignment Reviewer Shawn Emery
State Completed
Review review-arkko-townsley-coexistence-secdir-lc-emery-2010-10-11
Review completed: 2010-10-11


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This is an information draft that provides guidance for effectively
managing IPv4/IPv6 addresses by address and protocol translation mechanisms.

The security considerations section does exist and defers to
wing-nat-pt-replacement-comparison for some of the solutions.
wing-nat-pt-replacement-comparison discusses possible DoS and spoofing
attacks when sharing an IPv4 amongst multiple subscribers.  Though it
would be nice if either this draft or the one referenced would prescribe
techniques to mitigate such attacks.

General comments:


Editorial comments:

s/reader to be consider/reader to consider/

This sentence should be restructured for readability purposes:

For deployments where the GW is owned and operated by the customer, this becomes
operational overhead for the Internet Service Provider (ISP) that it
will no longer be able to rely on the customer and the seller of the
GW device for.

s/of NAT444 need/of NAT444 needs/

s/tunnel could created/tunnel could be created/