Dear Sirs,

 

while reading ripe-554 (http://www.ripe.net/ripe/docs/ripe-554) carefully, I found the following discrepancies:

 

1.    In section “Requirements for network security equipment” you say that “For every mandatory standard the applicable subgroups are specified in parentheses at the end of the line”. Then within “Mandatory Support” you can find the following line: “Deprecation of Type 0 Routing Headers in IPv6 [RFC5095]*”. Does the omission of any applicable subgroup mean, that this requirement is not applicable to any subgroup (where the “*” just indicates that this is a requirement for “IPv6 Ready Logo” only), or does it in contrast mean, that this requirement is implicitly applicable to all 3 subgroups FW, IFS and APFW?

2.    Within “Optional Support” of section “Requirements for network security equipment” with one exception no applicable subgroups are specified. Does this mean, that these optional requirements are implicitly applicable to all 3 subgroups FW, IFS and APFW? But then no applicable subgroup should be mentioned at all, hence the one exception I mentioned causes confusion: “Using IPsec to Secure IPv6-in-IPv4 Tunnels [RFC4891] (FW)”. And you are embarrassed even more when you see the following a few lines later: “Using IPSec to Secure IPv6-in-IPv4 Tunnels [RFC4891]”.  Hence, I assume that the first line “Using IPsec to Secure IPv6-in-IPv4 Tunnels [RFC4891] (FW)” is an error and has to be wiped out?

3.    Within “Mandatory Support” of section “Requirements for network security equipment” you find “If the request is for a dynamic internal gateway protocol (IGP), then the required … , OSPF-v3 [RFC5340] … must be supported.” while within  “Optional Support” of section “Requirements for network security equipment” you will see: “OSPF-v3 [RFC5340]”. Can you explain this contrariety?

4.    Within “Mandatory Support” of section “Requirements for network security equipment” you find “If OSPF-v3 is requested, the device must support "Authentication/Confidentiality for OSPFv3" [RFC4552] (FW, IPS, APFW)” while within  “Optional Support” of section “Requirements for network security equipment” you will see: “Authentication/Confidentiality for OSPF-v3 [RFC4552]”. Can you explain this contrariety?

 

Your answers are welcome!

Kind Regards

DATEV eG

Dr. Andreas Cudok

Paumgartnerstr. 6-14
D 90329 Nürnberg
Phone +49(911)319-4031
Mail andreas.cudok@datev.de

 

Diese E-Mail wurde mit einem Zertifikat der DATEV eG signiert. Damit können Sie sicher sein, dass die Nachricht so von uns gesendet wurde. Wenn Sie eine Meldung erhalten, dass die Signatur ungültig ist oder nicht geprüft werdenkann, fehlt das Zertifikat zu dieser Signatur auf Ihrem Rechner. Informationen zu Zertifikaten und zur digitalen Signatur finden Sie unter www.datev.de/zertifikate im Internet.
DATEV eG
90329 Nürnberg		 Sitz: 90429 Nürnberg, Paumgartnerstraße 6-14
Registergericht Nürnberg, GenReg Nr. 70
Telefon +49 911 319-0
Telefax +49 911 319-3196		 E-Mail info@datev.de
Internet www.datev.de
Vorstand
Prof. Dieter Kempf (Vorsitzender)
Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender)
Dipl.-Kfm. Dr. Robert Mayr
Jörg Rabe v. Pappenheim
Dipl.-Vw. Eckhard Schwarzer
Vorsitzender des Aufsichtsrates: Reinhard Verholen