Re: IPv6-PMP?

[james woodyatt <jhw@apple.com>]

On Apr 11, 2007, at 12:14, Rémi Denis-Courmont wrote:
> Le mercredi 11 avril 2007 20:21, james woodyatt a écrit :
> > Unless we do something.  I'm proposing that we consider extending  
> > ICMP to support automatically opening pinholes in the default  
> > gateway's stateful packet filter.  Does anybody have any  
> > alternative to consider?
>
> I guess everybody agrees that stateful firewalling won't go away  
> with IPv6, whether one likes it or not (I'm obviously not a big fan  
> of them). That kills the "no firewall so no problem" alternative.  
> Then, the only alternatives are the big broken heavyweight solution  
> (à la UPnP) ;) I definitely prefer the lightweight one that  
> actually works.

For the record, I've not received any off-list messages to explain  
how the IETF managed to arrive at a consensus about the need for  
stateful IPv6 packet filters in default gateways while deferring  
efforts to define a standard method for nodes to solicit pinholes  
through them.  I continue to search the email archives for signs of a  
discussion about this, and I have not found anything.  My requests  
that someone come forward with recollections of a discussion in a  
meeting session, which I'm assuming went unrecorded in the minutes,  
has gone unanswered.

This is almost too much for me to believe.  I'm beginning to suspect  
I'm being set up to be the butt of an elaborate practical joke.  I  
know I have a reputation for being an entertaining target for such  
japes, but I hadn't thought that reputation could precede me into  
groups like this one.  I should probably feel flattered, I guess.


--
j h woodyatt <jhw@apple.com>