[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comment on: draft-ietf-v6ops-unman-scenarios-00.txt

To: Christian Huitema <huitema@windows.microsoft.com>
Subject: Re: comment on: draft-ietf-v6ops-unman-scenarios-00.txt
From: Alain Durand <Alain.Durand@Sun.COM>
Date: Sun, 19 Jan 2003 14:41:33 -0800
Cc: Keith Moore <moore@cs.utk.edu>, Brian E Carpenter <brian@hursley.ibm.com>, v6ops@ops.ietf.org
In-reply-to: <DAC3FCB50E31C54987CD10797DA511BA1D2B04@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>

On Sunday, January 19, 2003, at 01:35 PM, Christian Huitema wrote:

A lot of this discussion is based on the assumption that if a host is provided with IPv6 connectivity, all the host services suddenly become accessible over IPv6. Well, this is not necessarily the case. (It is definitely not the case with Windows XP.) For example, some applications may not be accessible over IPv6, or may be programmed to only accept local connections, either from a scoped address or from a local prefix. So, in practice, the danger is not quite as large as you may think.

A lot of this discussion is based on the observation that hosts are often
ill-configured (or their default configuration is not secure) and the
application running on them are often not as secure as they should be.

Now, that said,some systems are better than others, and I'm willing
to accept that system and application designer can do the right thing.

However, IMHO, the issue should be documented in
draft-ietf-v6ops-unman-scenarios.

- Alain.

References:
- RE: comment on: draft-ietf-v6ops-unman-scenarios-00.txt
  - From: "Christian Huitema" <huitema@windows.microsoft.com>

Prev by Date: Re: 6to4 security questions
Next by Date: Re: on NAT-PT
Previous by thread: RE: comment on: draft-ietf-v6ops-unman-scenarios-00.txt
Next by thread: Re: comment on: draft-ietf-v6ops-unman-scenarios-00.txt
Index(es):
- Date
- Thread