-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If people like the idea of keeping (carefully worded) arguments and
discussions on
web-pages this might be an apropriate job for a wiki. Just a thought.
~ Cheers Leif
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using
Tony Hain wrote:
You appear to presume that to be useful a technology must solve all known
problems. Address space that is not routed to the world does provide
protection from direct attacks. It does not prevent indirect attacks through
nodes that have a route.
No but new technology must actually
Michel Py wrote:
Guess what: cars have locks anyway and nothing you can say about car
locks being a joke is going to change it. If you don't like it, you can
leave your car open.
Sigh. This is almost to dumb to respond to and I'll be kicking myself
when the
next stats come out ;-) It is possib
Tony Hain wrote:
Leif Johansson wrote:
... Patrik posed a few direct
questions to this effect on the list - none of which have
been answered.
I must have missed them, so please send a pointer to the questions.
Tony
Unfortunately there does not seem to be a hypertext archive of the
Brian E Carpenter wrote:
Pekka,
We are talking about the way enterprise network managers think about
their networks.
These are people who *will* get fired if their network is seriously
penetrated. In fact, I expect quite a few will be fired in the near
future because of inadequate protection agai
Tim Chown wrote:
On Mon, Aug 25, 2003 at 05:09:04PM +0200, Leif Johansson wrote:
The "and designing a replacement"-part worries me. You assume that there
is consensus
to only deprecate SL if a replacement can be found. I am quite sure you
are wrong in
that assumption.
There
Brian E Carpenter wrote:
Perhaps that is because there is only one class of solution that
meets these important goals. If you have an alternative statement
of goals that leads to a different class of solution, please
publish your own draft.
Let me put it this way: I am not sure there is a probl
Tony Hain wrote:
Leif Johansson wrote:
I'd also like an answer to this question.
As with all working group documents, it means that the resulting text will
be something the working group has reached concensus on as worth
I don't believe that it is possible to turn the current dr
Keith Moore wrote:
On Fri, 22 Aug 2003 14:35:15 -0700
Fred Templin <[EMAIL PROTECTED]> wrote:
Folks - do we have consensus to accept this document as an
IPv6 wg item (see below)?
what does it mean to do this?
I'd also like an answer to this question.
Cheers Leif
-
Tony Hain wrote:
somebody else does more. Unfortunately there are obstructionists that want
to make sure everyone does exactly the same thing, and no more than they
could do with IPv4.
"getting everybody to do the same thing" ... that sounds awfully close
to a standard
to me! Horrible!
Keith Moore wrote:
For once, Tony and I are in agreement. This has nothing to do with
operations; it has everything to do with the programming model that the v6
Internet supports.
I am saving this email :-) Who am I to argue with such overwhelming
opposition.
Cheers Leif
-
Mans Nilsson wrote:
Still, I wonder why I'm debating this here. It is v6ops material.
Hmm Yes. One of the ops ADs even spoke up to support Måns in this, which
is a hint as good as any imho. Go request a slot for a renumbering-BOF
at the
next IETF and lets move on.
Cheers Leif
Tony Hain wrote:
So is all of your space is globally routed without any filtering or
exclusion from routing protocols? Not everyone is in such a lucky position
to have all of their network globally exposed.
Of course we filter - but we don't NAT! And luck has nothing to do with
it. Would
I lik
Andrew White wrote:
A fair comment.
Some workarounds (of varying levels of reasonableness):
Great. Come back with an ID and running code. This increasingly
hypothetical
thread is fast approaching amateur night in layer 7.
Cheers Leif
-
Mans Nilsson wrote:
Folks,
The scope discussion is flawed, held in the wrong forum and should cease.
Yes. Please.
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP a
Tony Hain wrote:
Uselessly slow is a local decision. If that is the case for your network,
then by all means, don't use these addresses. For others, speed is less of a
concern than other attributes. Please stop trying to force a single
operational model on everyone. We need to provide tools that m
regarding ipv6 than beating
this dead horse once again.
Best Regards
Leif Johansson
Stockholm university
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
Tim Chown wrote:
It's all on video. Memories and recollections are not required :)
Are you saying that my recollectons are wrong?
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.s
Tony Hain wrote:
For you as a technically astute network admin, I would agree. For
Joe-sixpack who just wants to keep the neighbor kid from messing with his
light switches, or to keep the junk-fax marketing company from finding his
printer, it is a different story.
That is a matter of configur
Michael Thomas wrote:
The few self-described apps people I've seen take
a stand have to my recollection been strongly
against dealing with locally scoped addresses .
Have I missed anybody? It seems to me that people
That depends on whom you caught :-) I suspect lots of apps-folk
have tuned out in
Patrik Fältström wrote:
From an Application (above TCP) perspective, A, definitely A. Itojun
summarizes well the issues. Mandating a host to know topology is just
a really bad thing. Really really bad.
paf
I am worried that continuing to beat the dead horse gets v6 nowhere. I
know of seve
Keith Moore wrote:
I look forward to reading an ID describing a set of necessary (not
sufficient!) requirements fulfilled by scoped unicast addressing -
i.e. the problems which cannot be solved by *any other* mechanism.
personally I'm not interested in having this group spend any time trying
Bob Hinden wrote:
Leif,
You didn't address this to me, but I feel obligated to answer.
The questions I have asked the working group in the email "Moving
forward on Site-Local and Local Addressing" was to ascertain the
manner in which the working group wanted the deprecation of site-local
was
Margaret Wasserman wrote:
At 10:26 AM 8/7/2003 -0700, Tony Hain wrote:
> Right now I cannot find a single application where locally scoped
> addresses give
> me anything worth the effort. Those are my 5 cents - since
> you asked for
> details :-)
Wait, you started off by saying that you really ne
Andrew White wrote:
Leif Johansson wrote:
Great. Come back with an ID and running code. This increasingly
hypothetical thread is fast approaching amateur night in layer 7.
3 hours programming and 200 lines of Java later I have a simplistic but
working library that attempts multiple (in
Tony Hain wrote:
You won't even accept my agreement that academic networks have a 'lack of
need' in the same class as those with $M's at stake.
You should spend some time in the academic world. In most countries the
academic institutions are essentially companies offering education and
research
Keith Moore wrote:
there is no justification for the idea that internal-use applications have a
greater need for stability than other applications.
actually, it's not clear that there is a significant class of inherently
"internal-use applications". for most things that people put into that
categ
Brian E Carpenter wrote:
around for 6 years at least. We know what we can do with today's
routing mechanisms, today's renumbering mechanisms, and today's
security mechanisms, and that leads *directly* to the requirements
in the Hain/Templin draft, and IMHO *directly* to the solution in
the Hinde
Tony Hain wrote:
They do have a disproportionate voice, primarily because the operator of the
edge network (where these addresses would be used) is disenfranchised from
the IETF. Yes the ox of the app developer is being gored here, but the
alternative to a few in the middle is goring the masses at
Tony Hain wrote:
Leif Johansson wrote:
Of course we filter -
What is your requirement to do that? I am serious, because those are the
things the current draft is trying to document. If it is not covered by the
current text, please send details.
There are obvious reasons for filtering
Thomas Narten wrote:
To be clear, are you filing a formal appeal? If so, you need to be
very clear about which action you are appealing, on what grounds, what
the remedy should be, and so forth. Also, per 2026, the first place to
start with an appeal is the chairs. Only if you are not satisfied wi
Tony Hain wrote:
Keith Moore wrote:
Tony,
there was strong concensus in the WG to deprecate SL.
No, there was a question asked where there would be multiple undefined
meanings for a Yes vote, and multiple undefined meanings for a No vote.
Basically a blank check for the chair to tell the
Patrik Fältström wrote:
From an Application (above TCP) perspective, A, definitely A. Itojun
summarizes well the issues. Mandating a host to know topology is just
a really bad thing. Really really bad.
I concur with an added "really" tagged on.
-
[EMAIL PROTECTED] wrote:
That noted, there are well known RFCs published already on
the dangers of NATing, so I'm not sure what good it would do
to put something in the Node Requirements document.
Finally, I actually don't know what a reasonable requirement
would be to add to cover this. If you t
Dan Lanciani wrote:
|(provider
|independence perhaps)? Please make the distinction for the sake of clarity.
Re-read what I wrote above. Give them globals with the same (or better)
level of stability as their private addresses.
So you are talking about renumbering, provider independence, etc.
Dan Lanciani wrote:
That may be what you want, but that is not what you have been saying. You
are advocating taking away private address space. Contrary to recent popular
(yet incomprehensible) thought these actions are not equivalent. How about
you FIRST give people global addresses and THEN A
Dan Lanciani wrote:
the causes--of a restrictive address allocation policy. Would you deprive
people of the address space they need to run the applications they need to
run just to make it easier to write some other super-apps that those users
No I want people to have global addresses!
--
Dan Lanciani wrote:
What makes you think that the apps people who say it *will not work* are
correct? Especially when they are talking about models that are already in
use?
Which models would that be exacly? I hope you are not talking about the lets
run-everything-over-http-model... The bottom
Dan Lanciani wrote:
[This response was apparently lost, so I'm resending it.]
We know how to achieve it. You may not like the way we achieve it because
it doesn't meet your standards for architectural purity, but until you have
a better approach, how about letting use keep our impure solutions
[EMAIL PROTECTED] wrote:
Good point, I stand corrected on this point. You might be interested
in this draft, the SCTP folks made a proposal how to handle IPv6
address scoping and SCTP - its only 3 pages, so its a quick read:
http://www.ietf.org/internet-drafts/draft-stewart-tsvwg-sctpipv6-01.txt
Margaret Wasserman wrote:
To keep them, we need to document and resolve the issues that
they cause, update all of the IPv6 routing protocols to
document how site-boundaries are maintained, and document
how address selection will be performed in several upper
layer protocols (at least SCTP, SIP a
Tony Hain wrote:
Pekka Savola wrote:
...
By the ISP? RFC3041 doesn't give you anything except a false
sense of anonomity and broken apps.
It provides anonomity for devices that appear on multiple networks. It
does not prevent an ISP from identifying the customer demarc. It does
not break
Margaret Wasserman wrote:
In the meantime, though, I wouldn't object to a statement in the IPv6
node requirements that says that you MUST NOT translate source or
destination addresses in forwarded packets... even though I don't
think that it will actually stop anyone.
I think this is a good pla
Pekka Savola wrote:
On Thu, 27 Mar 2003, Tony Hain wrote:
Naiming Shen wrote:
...
but if this list is sure there is no need for private
addresses, lets abolish them completely, not just from the
special routing support sense.
The point is that those commenting against SL don't run
Naiming Shen wrote:
] > ok, but if any special routing support for SL is removed, then the only
] > thing left is a private address space for SL. as in ipv4 case, i'm not
] > aware of any application treating 10.x.x.x addr any different from the
] > global routable ones.
]
] many such apps do tre
Tony Hain wrote:
list, because this is not a trival issue. From reports I heard the whole
SF discussion was based on a bogus assertion that SL == NAT.
Not true. In fact non-global addresses are just as bad as NAT from an
applications
point of view but the discussion is SF was _not_ based on
Ole Troan wrote:
IPv6 has multiple addresses anyway. or do you propose to remove
link-locals too?
/ot
Link-local are used in very special cases (bootstrap for instance) which
have to have
lots of special case handling today anyway. Not a problem.
--
Mike Saywell wrote:
I can't really see the motivations to do NAT under v6 when it's so easy
to have multiple addresses on an interface anyway. Joining 2 networks
which use the same address site-local addresses would be nowhere near
as painfull as before since it's that much easier to re-number on
Mark Thompson wrote:
No matter how you capitalize the word, it still needs to run the same
applications! Applications must not know about topology. Period.
IETF IPng Working Group Mailing List
IPng Home Page:
EricLKlein wrote:
When did site local addresses die and why? I changed companies and missed
several months of discussion.
Currently I am working on NMS related changes based on:
* FE8, FE9, FEA, and FEB are Link local addresses
* FEC0 is the prefix of a site local address. Site local addresses are
50 matches
Mail list logo
