Re: [arch-d] [Int-area] Is IPv6 End-to-End? R.I.P. Architecture? (Fwd: Errata #5933 for RFC8200)

Keith Moore <moore@network-heretics.com> Fri, 28 February 2020 02:16 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/SAWKiLrC20wMA_uookhQcDQNkzA>

On 2/27/20 8:46 PM, Phillip Hallam-Baker wrote:

> You have been on this jihad against NAT for decades. In the real 
> world, application designers have to accept NAT is simply a fact of 
> life or their stuff doesn't work.

I'm not going to argue with you about NAT especially since we probably
significantly agree about its immediate practical effects. Where we
differ is in our visions of what makes for a well-functioning Internet
in the long term. And I'm not going to argue with you about that
either, at least not here.

> That IPSEC is a failure as a VPN standard is not an opinion, it is a 
> fact. Every VPN vendor developed their own work-around for the AH 
> debacle and as a result, the built in clients in Windows and Mac are 
> rarely able to connect to an IPSEC VPN. Meanwhile, SSH just works.

The greater failure of IPSEC, IMO, is that it assumes that a host makes
sense as an authentication principal. But that's water that has long
since passed under the bridge.

Keith