Security Assessment of the Internet Protocol Version 4
RFC 6274

Note: This ballot was opened for revision 07 and is now closed.

(Ron Bonica) Yes

(Jari Arkko) (was Discuss) No Objection

(Stewart Bryant) (was Discuss) No Objection

Comment (2010-12-01)
No email
send info
The introduction appears to incorrectly uses the term TCP/IP when the author means the Internet Protocol suit. 

"This document is the result of an assessment of the IETF specifications of the Internet Protocol (IP)"  - The document only discusses IPv4.

 I am surprised that Section 3 does not have a normative reference to RFC791

In Figure 3, an attacker sends a 17914-byte datagram meant to the

NDIS is used before it is defined.

Section 3.11 (related to the aside on SA being an interface)  ought to have some text on loop-back addresses, and unnumbered interfaces.

(Adrian Farrel) (was Discuss, No Objection) No Objection

(Tim Polk) (was Discuss) No Objection

Comment (2011-03-10)
No email
send info
I still think the document would benefit greatly from a restructuring to explicitly address goals and threats,
then structure the body to address the various threats.  It would have been nice to address protocol-specific issues
first, then go into implementation details.

(Peter Saint-Andre) No Objection

Comment (2010-12-01 for -)
No email
send info
Thank you for writing this helpful document.

Appendix A borders on marketing and seems like a strange thing to include in an RFC. Why is this here?

(Sean Turner) (was Discuss) No Objection