Last Call Review of draft-ietf-6man-pio-pflag-09
review-ietf-6man-pio-pflag-09-secdir-lc-schwartz-2024-09-09-00
Request | Review of | draft-ietf-6man-pio-pflag |
---|---|---|
Requested revision | No specific revision (document currently at 10) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2024-09-09 | |
Requested | 2024-08-26 | |
Authors | Lorenzo Colitti , Jen Linkova , Xiao Ma , David Lamparter | |
I-D last updated | 2024-09-09 | |
Completed reviews |
Secdir Last Call review of -09
by Benjamin M. Schwartz
(diff)
Genart Last Call review of -09 by Susan Hares (diff) Iotdir Telechat review of -10 by Erik Nordmark Intdir Telechat review of -09 by Dirk Von Hugo (diff) |
|
Assignment | Reviewer | Benjamin M. Schwartz |
State | Completed | |
Request | Last Call review on draft-ietf-6man-pio-pflag by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/UGgXoKDoj5N5O2lYI_wcOuvgpOI | |
Reviewed revision | 09 (document currently at 10) | |
Result | Ready | |
Completed | 2024-09-09 |
review-ietf-6man-pio-pflag-09-secdir-lc-schwartz-2024-09-09-00
Security Issues: The security section is, if anything, too detailed, as it describes attacks that are not meaningful to the security of the system. I would shorten this section. The privacy considerations are important and are described appropriately. It might be worth adding a note that privacy-conscious clients should consider not implementing this specification. Other topics: I was not able to see why prefix requests "MUST" be short enough for SLAAC. Why would a host perform SLAAC within its own exclusively allocated prefix? If the host is acting as a router for a network containing SLAAC clients, it can request a larger prefix, but why is this mandatory for all hosts?