Security review of Internet Protocol, Version 6 (IPv6) Specification draft-ietf-6man-rfc2460bis-09 Do not be alarmed. I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document is the IPv6 specification. Recent modifications have clarified how to process extension headers. The security considerations are brief and have not changed: IPv6 ... has security properties similar to IPv4. Risks of corruption, forgery, and interception of packets, resulting in the exposure of private information, may be mitigated by use of the Security Architecture for the Internet Protocol [RFC4301] or encryption at higher layers of the protocol stack. I wonder if the only security consideration for IP is the risk of exposure of private information? Of course not. But, I suppose that's not in scope of this review. One thing worth mentioning about the changes re header processing is that is contributes to security by reducing complexity and reducing the attack surface. Hilarie