
RE: 6to4 being replaced by Teredo only? [Re: Tunneling scenarios and



Hello,

My opinion as an individual would be similar to what Brian et al. have expressed. 6to4 is there; it is a fact whether we like it or not.
I do not believe that, after the WG being at a virtual standstill for quite some time and now getting some progress done again, we should use our newfound energy to try to stop people from using one of the very few mechanisms that we have actually specified, and to deprecate existing transition mechanisms.
Let's focus our energy on delivering what is needed to make the transition to IPv6 as smooth as possible and not discuss if we should or should not deprecate 6to4.

Cheers,

Jonne.

> -----Original Message-----
> From: owner-v6ops@ops.ietf.org [mailto:owner-v6ops@ops.ietf.org]On
> Behalf Of ext Christian Huitema
> Sent: 13 March, 2004 21:36
> To: bill; Pekka Savola
> Cc: Erik Nordmark; Alain Durand; v6ops@ops.ietf.org
> Subject: RE: 6to4 being replaced by Teredo only? [Re: Tunneling
> scenarios and
> 
> 
> > > the security properties are worse with 6to4 than Teredo (due to its
> > > simplicity).
> > >
> > > Pekka Savola
> > 
> > 	reading the above sentence... it's the most humorous thing
> > 	i've read all week. perhaps what Pekka intended to say was
> > 	that the security properties of 6to4 are more knowable than
> > 	Teredo due to its simplicity.  Most folks believe that if
> > 	you can know the properties of some bit of code, it's more
> > 	secure than code that is too large/complex to understand well.
> > 	Or perhaps Pekka meant something else...
> 
> Pekka's point can be summarized as follows: the bubble mechanism of
> Teredo performs a 3-way handshake, which effectively mitigates some
> potential misuse of the relays for anonymous DOS attacks; there is no
> such mechanism in 6to4.
> 
> Rob and Bill retort with the general "complexity is bad" argument: it is
> much easier to have a bug in 100,000 lines of code than in 100; simpler
> code is easier to debug. However, Teredo's code is not all that large,
> maybe a few hundred lines, and it can effectively be debugged. After
> all, we do have two independent implementations of Teredo that
> interoperate without apparent issues.
> 
> That being said, I would not want to replace all usage of 6to4 by
> Teredo. 6to4 is a natural solution for upgrading the existing home
> routers.
> 
> -- Christian Huitema
> 
>