[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: R41 in draft-ietf-v6ops-cpe-simple-security-07

To: Mark Baugher <mbaugher@cisco.com>
Subject: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
From: Rémi Denis-Courmont <remi@remlab.net>
Date: Wed, 05 Aug 2009 08:40:09 +0200
Cc: Yaron Sheffer <yaronf@checkpoint.com>, Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>, james woodyatt <jhw@apple.com>, IPv6 Operations <v6ops@ops.ietf.org>
In-reply-to: <3C35AAD7-D7F7-4E6D-A7E0-C6DA2CF95946@cisco.com>
Organization: Remlab.net
References: <3C35AAD7-D7F7-4E6D-A7E0-C6DA2CF95946@cisco.com>
User-agent: RoundCube Webmail/0.1

On Tue, 4 Aug 2009 14:55:08 -0700, Mark Baugher <mbaugher@cisco.com> wrote:

>> And I'll second Remi's opinion, a firewall that can be manipulated by

>> malware is better than no firewall at all.

> 

> If we're going to design firewall control for IPv6, whether it be

> something new like ALD or an obvious extension to what's done for

> IPv4, I think it should default to authenticated firewall control.



We must live in different planet. Because on my planet, most people

wouldn't know how to authenticate to their firewall. IPv6 is supposed to be

at least as easy to configure as IPv4...



-- 

Rémi Denis-Courmont

Follow-Ups:
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Mark Baugher <mbaugher@cisco.com>

References:
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Mark Baugher <mbaugher@cisco.com>

Prev by Date: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
Next by Date: RE: R41 in draft-ietf-v6ops-cpe-simple-security-07
Previous by thread: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
Next by thread: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
Index(es):
- Date
- Thread