Brian Haberman wrote: > Issue 3: Discovery of tunnel endpoints. > > Resolution: > This change will be made and will be based on the text proposed > http://www1.ietf.org/mail-archive/web/ipv6/current/msg05674.html
I missed out on the discussion of the above, but I do hope that there is going to be a huge warning that this reveals the endpoints of the tunnel, which then can usually be abused for injecting fake tunneled data into tunneling protocols that don't have any authentication (read: proto-41) Example (ab)usage: http://www.ripe.net/ripe/meetings/ripe-47/presentations/ripe47-ipv6-tunnel-disco.pdf Though in this case it is 'sort of good', I can think of many cases where one doesn't want to see the above happening. Filtering is always essential of course. Greets, Jeroen
signature.asc
Description: OpenPGP digital signature
-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------