Last Call Review of draft-ietf-v6ops-6to4-to-historic-
review-ietf-v6ops-6to4-to-historic-secdir-lc-tsou-2011-06-23-00

Request Review of draft-ietf-v6ops-6to4-to-historic
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-06-21
Requested 2011-06-17
Draft last updated 2011-06-23
Completed reviews Genart Last Call review of -11 by Joel Halpern
Secdir Last Call review of -?? by Tina Tsou
Opsdir Last Call review of -11 by Nevil Brownlee
Tsvdir Last Call review of -?? by Dan Wing
Assignment Reviewer Tina Tsou
State Completed
Review review-ietf-v6ops-6to4-to-historic-secdir-lc-tsou-2011-06-23
Review completed: 2011-06-23

Review
review-ietf-v6ops-6to4-to-historic-secdir-lc-tsou-2011-06-23

Hi Sam et al,
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document requests that RFC3056 and the companion document "An Anycast
Prefix for 6to4 Relay Routers" RFC3068 are moved to historic status.
I have some minor nits below, but overall the document seems in fine shape.

3.  6to4 operational problems
"In any case this model has the same
   operational burden has manually configured tunnels and has seen no
   deployment in the public Internet."
Should be
"In any case this model has the same
   operational burden as manually configured tunnels and has seen no
   deployment in the public Internet."

As the author said, 
   There are no new security considerations pertaining to this document.
   General security issues with tunnels are listed in
   [I-D.ietf-v6ops-tunnel-security-concerns] and more specifically to
   6to4 in [RFC3964] and [I-D.ietf-v6ops-tunnel-loops].

By the way, it is proposed to use 6rd replacing 6to4. 6rd is a good
technology, but cannot involve to IPv6. There are experiments on IPoE based
6rd, a little on PPPoE based 6rd.


We keep our promises with one another - no matter what!

Best Regards,
Tina TSOU


http://tinatsou.weebly.com/contact.html