
Re: draft-ietf-v6ops-scanning-implications WGLC



On Mar 19, 2007, at 02:21, Fred Baker wrote:

We are looking specifically for comments on the importance of the document as well as its content. If you have read the document and believe it to be of operational utility, that is also an important comment to make.

In section 5.1, I think it might be worth noting that the limited duration of privacy addresses may result in network operators having a means of impeding the spread of worms that harvest node addresses from off-link sources by blocking the method they use to refresh their knowledge of recently available attack surfaces.

On the question of the importance of this document, I'd say that its intended audience is currently besieged by a conflicting message from the IETF and elsewhere that inbound flow initiations should be blocked by default at unmanaged stateful packet filters in residential gateways. This conflicting message, as near as I can tell, is derived from an undiscussed technical consensus that this is necessary to prevent the propagation of IPv6 worms by using a sledgehammer at the gateway, despite the alternative mechanisms well-enumerated in section 5 of this draft for the abatement of IPv6 worm traffic. I'd like to see a consistent message come from the IETF about this issue.


--
j h woodyatt <jhw@apple.com>