[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Proposed 6to4 work (security)
- To: v6ops@ops.ietf.org
- Subject: Re: Proposed 6to4 work (security)
- From: "Fred L. Templin" <ftemplin@IPRG.nokia.com>
- Date: Wed, 16 Oct 2002 10:06:27 -0700
- Delivery-date: Wed, 16 Oct 2002 10:06:00 -0700
- Envelope-to: v6ops-data@psg.com
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1a) Gecko/20020610
Hello,
Just reading through the comments so far, it occurs to me
that any work on a 6to4 security document might benefit from
a detailed analysis of anticipated deployment scenarios for
relay routers. The latest teredo specification gives a nice
taxonomy when it speaks of globally-accessible, domain-specific,
and host-specific relays. While the teredo and 6to4 relays are
different beasts, perhaps the 6to4 security study could take
the example of teredo in adopting a deployment scenario taxonomy.
In terms of the current discussion (and loosly applying the
teredo taxonomy to 6to4), I believe the security issues raised
thus far pertain to the "globally-accessible" scenario. I don't
know whether "domain-specific" or "host-specific" deployment
scenarios exist, but it seems to me that both cases are supported
by the RFC 3056 specification and thus might require attention
in the security study.
Fred
ftemplin@iprg.nokia.com