[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
draft on v6 firewalling
- To: v6ops@ops.ietf.org
- Subject: draft on v6 firewalling
- From: Pekka Savola <pekkas@netcore.fi>
- Date: Wed, 25 Sep 2002 10:47:41 +0300 (EEST)
- Delivery-date: Wed, 25 Sep 2002 00:49:57 -0700
- Envelope-to: v6ops-data@psg.com
Hello,
I've submitted an I-D on IPv6 firewalling issues, and it should be
available in the repository shortly.
In the meantime, it's available at:
http://www.netcore.fi/pekkas/ietf/draft-savola-v6ops-firewalling-00.txt
Below is the abstract:
There are quite a few potential problems regarding firewalling or
packet filtering in IPv6 environment. These include slight ambiguity
in the IPv6 specification, problems parsing packets beyond unknown
Extension Headers and Destination Options, and introduction of end-
to-end encrypted traffic and peer-to-peer applications. There may
also be need to extend packet matching to include some Extension
Header or Destination Option fields. This draft discusses these
issues to raise awareness and proposes some tentative solutions or
workarounds.
It's 8 pages.
Thanks.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords