[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed 6to4 work (security)



Hello,

Just reading through the comments so far, it occurs to me
that any work on a 6to4 security document might benefit from
a detailed analysis of anticipated deployment scenarios for
relay routers. The latest teredo specification gives a nice
taxonomy when it speaks of globally-accessible, domain-specific,
and host-specific relays. While the teredo and 6to4 relays are
different beasts, perhaps the 6to4 security study could take
the example of teredo in adopting a deployment scenario taxonomy.

In terms of the current discussion (and loosly applying the
teredo taxonomy to 6to4), I believe the security issues raised
thus far pertain to the "globally-accessible" scenario. I don't
know whether "domain-specific" or "host-specific" deployment
scenarios exist, but it seems to me that both cases are supported
by the RFC 3056 specification and thus might require attention
in the security study.

Fred
ftemplin@iprg.nokia.com