On Oct 26, 2010, at 11:26 AM, Christian Huitema wrote:
> There was a long thread about this issue when we discussed the simple
> security model, so I am pretty sure that some people do care. They may or may
> not be misguided. I am ready to believe that you know better than them. But
> then, there is a long history of know-nothing not following the IETF
> designs...
I guess my biggest comment is one I made about two years ago.
http://www.ietf.org/proceedings/73/slides/behave-14.pdf
I would recommend that people that implement this technology also implement an
optional stateful firewall, so that people can turn it on. They might consider
referring to
http://datatracker.ietf.org/doc/draft-ietf-v6ops-cpe-simple-security
"Recommended Simple Security Capabilities in Customer Premises Equipment
for Providing Residential IPv6 Internet Service", James Woodyatt,
21-Oct-10
which is in the RFC Editor's inbox.
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
