Hi Tal,
On 06-Mar-25 19:28, Tal Mizrahi wrote:
Hi,
My main concern about this draft is that I did not feel that it 'does
what it says on the box'. When I read the title and abstract, my first
thought was that this looks like the standard track version of
RFC8799. However, after reading through it, I believe that the main
focus is Ethertype-based protocol identifiers, which is a very
specific solution.
It would be great if the title and abstract would be rephrased to clarify this.
Other comments:
- The term 'safe' should probably be defined (or add a reference to
where it is defined).
- The term 'LAN segment' historically refers to a set of computers
connected by Ethernet using CSMA/CD without switches (bridges). I
suggest to simply use 'LAN'.
In the context of IPv6 link-local addresses, a link is a domain within
which addresses under fe80::/10 can safely be considered unique. I'm not
sure it's quite safe to equate that to a LAN (it can be a point-to-point
link, for example). I agree it's not a LAN segment; probably in the IPv6
context calling it a "link" is more precise.
(However, draft-ietf-6lo-path-aware-semantic-addressing possibly makes
this discussion a bit more complicated.)
I guess there's a similar argument for 169.254.0.0/16.
Brian
Cheers,
Tal.
On 04-Mar-25 05:48, internet-dra...@ietf.org wrote:
Internet-Draft draft-wkumari-intarea-safe-limited-domains-04.txt is now
available.
Title: Safe(r) Limited Domains
Authors: Warren Kumari
Andrew Alston
Éric Vyncke
Suresh Krishnan
Donald Eastlake
Name: draft-wkumari-intarea-safe-limited-domains-04.txt
Pages: 12
Dates: 2025-03-03
Abstract:
Documents describing protocols that are only intended to be used
within "limited domains" often do not clearly define how the boundary
of the limited domain is implemented and enforced, or require that
operators of these limited domains perfectly filter at all of the
boundary nodes of the domain to protect the rest of the global
Internet from these protocols and vice-versa.
This document discusses some design principles and offers mechanisms
to allow protocols that are designed to operate in a limited domain
"fail-closed" rather than "fail-open", thereby making these protocols
safer to deploy on the Internet.
These mechanism are not applicable to all protocols intended for use
in a limited domain, but if implemented on certain classes of
protocols, they can significantly reduce the risks.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-wkumari-intarea-safe-limited-domains/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-wkumari-intarea-safe-limited-domains-04.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-wkumari-intarea-safe-limited-domains-04
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
I-D-Announce mailing list -- i-d-annou...@ietf.org
To unsubscribe send an email to i-d-announce-le...@ietf.org
_______________________________________________
Int-area mailing list -- int-area@ietf.org
To unsubscribe send an email to int-area-le...@ietf.org
_______________________________________________
Int-area mailing list -- int-area@ietf.org
To unsubscribe send an email to int-area-le...@ietf.org
_______________________________________________
Int-area mailing list -- int-area@ietf.org
To unsubscribe send an email to int-area-le...@ietf.org
