I-D.vyncke-advanced-ipv6-security-00
- To: IPv6 Operations <v6ops@ops.ietf.org>
- Subject: I-D.vyncke-advanced-ipv6-security-00
- From: james woodyatt <jhw@apple.com>
- Date: Mon, 9 Nov 2009 20:33:47 -0800
everyone--
John Brzozowski, the Jabber scribe for the Tuesday V6OPS session when
this draft was presented, asked me to send my thoughts about the
applicability of the seven security policies enumerated in the draft
to IPv6 residential CPE gateways.
1. RejectBogon -- this is already in I-D.ietf-v6ops-cpe-simple-security, but called something different.
2. BlockBadReputation -- an interesting architectural idea, but I
suspect it will be difficult to establish consensus around a pragmatic
application to the residential usage scenario.
3. AllowReturn -- i'm really looking forward to seeing the IPR
disclosures on this one, but i'm generally supportive. not sure how
i'm going to implement it, but that isn't IETF's problem.
4. AllowToPublicDNSHost -- sounds good on first hearing, but... to
DNSSEC or not to DNSSEC? hmmm...
5. ProtectLocalOnly -- this is just silly. things that shouldn't be
reachable from outside should not have addresses that are routed to the
outside. i really don't like the idea of coddling the developers of
applications and embedded devices that don't take host security
seriously. IT IS NOT MY FAULT AS A ROUTER VENDOR THAT YOUR CODE IS
VULNERABLE. if you ask me to protect such hosts, then you are asking
me to encourage bad practice that relies on routers providing the
ProtectLocalOnly policy rather than just being smart about assigning
interface addresses.
6. CryptoIntercept -- this made everyone in my staff meeting laugh out
loud when i mentioned it to them. nobody wants their home gateway
doing this behind their back. i predict difficulty selling this to
users as a feature and not a bug.
7. ParanoidOpenness -- this is a very good idea. i wish we could grab
this and jam it into I-D.ietf-v6ops-cpe-simple-security draft.
--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering