The following was sent to the Full Disclosure mailing list last yesterday.
"In August 2008 the UK CPNI (United Kingdom's Centre for the Protection of
National Infrastructure) published the document "Security Assessment of the
Internet Protocol". The motivation of the aforementioned document is
explained in the Preface of the document itself. (The paper is available
at: http://www.cpni.gov.uk/Docs/InternetProtocol.pdf )
Once the paper was published by CPNI, I produced an IETF Internet-Draft
version of the same paper, with the intent of having the IETF publish
recommendations and/or update the specifications where necessary. This IETF
Internet-Draft is available at:
http://www.gont.com.ar/drafts/ip-security/index.html (and of course it's
also available at the IETF I-D repository).
The Internet-Draft I published was aimed at the OPSEC WG. And the Working
Group is right now deciding whether to accept this document as a WG item.
This is certainly a critical step. Having the OPSEC WG accept this document
as a WG item would guarantee to some extent that the IETF will do something
about all this, and would also somehow set a precedent in updating the
specifications of core protocols and/or providing advice on security
aspects of them.
The call for consensus is available at:
http://www.ietf.org/mail-archive/web/opsec/current/msg00373.html . You can
voice your opinion on the relevant mailing-list sending an e-mail to
firstname.lastname@example.org . You don't need to subscribe to the mailing list to post a
message (although your message will be held for moderator approval before
it is distributed to the list members).
The deadline for posting your opinion is January 9th (next Friday)."