On Aug 4, 2009, at 2:39 PM, Yaron Sheffer wrote:
> And I'll second Remi's opinion, a firewall that can be manipulated by malware is better than no firewall at all.
If we're going to design firewall control for IPv6, whether it be something new like ALD or an obvious extension to what's done for IPv4, I think it should default to authenticated firewall control. In other words, I would not start with standardizing an unauthenticated firewall control mechanism and assume that others will figure out how to add access controls. Letting malware use UPnP NAT traversal or NAT-PMP as done today is a pretty low standard for a CPE interface that IMHO we should not accept going forward. We'd like the CPE to refuse commands from malware.
Mark