Re: APPSDIR review of draft-ietf-behave-64-analysis-05
S Moonesamy <sm+ietf <at> elandsys.com>
2012-02-17 07:57:04 GMT
At 22:51 16-02-2012, mohamed.boucadair <at> orange.com wrote:
>In some deployment it can be SPOF but in others no. This depends if
>the a distributed NAT model is adopted, if NAT state synchronization
>mechanisms are enabled, etc. Do we need to clarify this in the document?
It would help the reader if that could be clarified.
>The IPv4 address pool used by the NAT64 to service IPv6 hosts.
>Several IPv6 hosts may share the same IPv4 address. Do you think
>this need a clarification in the document?
I recommend a clarification as there is a proposal about shared address space.
>Sorry, but I don't understand this comment. Can you please clarify? Thanks.
If we are talking about the BEHAVE WG, IETF participants either know
about it or can look it up. If you say "which complies with BEHAVE
NAT", a wider audience would not know what BEHAVE is. It's easier to
say "complies with NAT recommendations in [RFC4787][RFC5382]".
>I can do but IMHO the document does not introduce new security concerns, no?
I don't think so but I'll defer to the Security Directorate on this.
Thanks for the feedback.