Early Review of draft-ietf-v6ops-framework-md-ipv6only-underlay-22
review-ietf-v6ops-framework-md-ipv6only-underlay-22-secdir-early-lonvick-2026-05-28-00
| Request | Review of | draft-ietf-v6ops-framework-md-ipv6only-underlay |
|---|---|---|
| Requested revision | No specific revision (document currently at 23) | |
| Type | Early Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2026-05-23 | |
| Requested | 2026-05-09 | |
| Requested by | Mahesh Jethanandani | |
| Authors | Chongfeng Xie , Chenhao Ma , Xing Li , Gyan Mishra , Thomas Graf | |
| I-D last updated | 2026-06-08 (Latest revision 2026-05-28) | |
| Completed reviews |
Secdir Early review of -22
by Chris M. Lonvick
(diff)
Intdir Early review of -23 by Tatuya Jinmei |
|
| Assignment | Reviewer | Chris M. Lonvick |
| State | Completed | |
| Request | Early review on draft-ietf-v6ops-framework-md-ipv6only-underlay by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/O5WkNWPNLta34C-026ZFKtYPEoU | |
| Reviewed revision | 22 (document currently at 23) | |
| Result | Has nits | |
| Completed | 2026-05-28 |
review-ietf-v6ops-framework-md-ipv6only-underlay-22-secdir-early-lonvick-2026-05-28-00
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready with nits. The specification is clear and understandable. I found nothing of concern in it. I would like to see a statement in the Security Considerations section like the statement in RFC 7915. Something like: The use of stateless IP/ICMP translators does not introduce any new security issues beyond the security issues that are already present in the IPv4 and IPv6 protocols and in the routing protocols that are used to make the packets reach the translator. Similarly, the Security Considerations section should reference the Security Considerations section of RFCs 7915 and 6052. Regards, Chris