Security Assessment of the Internet Protocol Version 4
draft-ietf-opsec-ip-security-07
Note: This ballot was opened for revision 07 and is now closed.
Ron Bonica Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
(was Discuss, No Objection)
No Objection
No Objection
(2010-11-15)
Unknown
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Peter Saint-Andre Former IESG member
No Objection
No Objection
(2010-12-01)
Unknown
Thank you for writing this helpful document. Appendix A borders on marketing and seems like a strange thing to include in an RFC. Why is this here?
Sean Turner Former IESG member
(was Discuss)
No Objection
No Objection
(2011-01-13)
Unknown
Stewart Bryant Former IESG member
(was Discuss)
No Objection
No Objection
(2010-12-01)
Unknown
The introduction appears to incorrectly uses the term TCP/IP when the author means the Internet Protocol suit. "This document is the result of an assessment of the IETF specifications of the Internet Protocol (IP)" - The document only discusses IPv4. I am surprised that Section 3 does not have a normative reference to RFC791 In Figure 3, an attacker sends a 17914-byte datagram meant to the s/to/for/ NDIS is used before it is defined. Section 3.11 (related to the aside on SA being an interface) ought to have some text on loop-back addresses, and unnumbered interfaces.
Tim Polk Former IESG member
(was Discuss)
No Objection
No Objection
(2011-03-10)
Unknown
I still think the document would benefit greatly from a restructuring to explicitly address goals and threats, then structure the body to address the various threats. It would have been nice to address protocol-specific issues first, then go into implementation details.