Re: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt
Douglas Otis <dotis@mail-abuse.org> Tue, 03 July 2007 19:12 UTC
Return-path: <ietf-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5nnw-0002wa-6W; Tue, 03 Jul 2007 15:12:52 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5nnv-0002wU-2H for ietf@ietf.org; Tue, 03 Jul 2007 15:12:51 -0400
Received: from harry.mail-abuse.org ([168.61.5.27]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5nnr-0001B9-Or for ietf@ietf.org; Tue, 03 Jul 2007 15:12:51 -0400
Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id 366CB41427; Tue, 3 Jul 2007 12:12:47 -0700 (PDT)
In-Reply-To: <1273454AB0104B4598A61C99@p3.JCK.COM>
References: <198A730C2044DE4A96749D13E167AD37012F68A8@MOU1WNEXMB04.vcorp.ad. vrsn.com> <20BE070B64C319166D95A905@sirius.fac.cs.cmu.edu> <1273454AB0104B4598A61C99@p3.JCK.COM>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <628B2522-ABD8-4F06-B862-E2A2C0C15D92@mail-abuse.org>
Content-Transfer-Encoding: 7bit
From: Douglas Otis <dotis@mail-abuse.org>
Date: Tue, 03 Jul 2007 12:13:15 -0700
To: John C Klensin <john-ietf@jck.com>
X-Mailer: Apple Mail (2.752.2)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 4adaf050708fb13be3316a9eee889caa
Cc: ietf@ietf.org, Jeffrey Hutzelman <jhutz@cmu.edu>
Subject: Re: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org
On Jul 2, 2007, at 11:06 AM, John C Klensin wrote: > Of course, almost none of the issues above are likely to go away, > or even get better, with IPv6... unless we make some improvements > elsewhere. And none of them make NAT a good idea, just a > "solution" that won't easily go away unless we have plausible > alternatives for _all_ of its purported advantages, not just the > address space one. The initial use of IPv6 in North America will likely involve Teredo enabled NATs and Teredo servers. It does not seem NATs will go away anytime soon, especially those adding Teredo compliance to ensure multi-player games function without router configuration. Unfortunately many exploits now bypass protections once afforded by NATs or peripheral firewalls. Browsers are always in transition and can be exploited with their many hooks into OS services and applications. It seems security is sacrificed to enable some new proprietary interface. This is an area where standardization has seemly failed. Browser exploits have become so pervasive as to require our company to extensively retool behavior evaluations. For example, SMTP reputations are being converted to a progressive scale to adjust for the growing prevalence of 0wned systems. It seems much of the malware activity is just harder to detect. It gets worse. NATs are not a complete solution, and represent a new challenge. PNRP clouds combined with new complex routing paths represents a risk that will be even harder to evaluate and to enforce policies in a scaleable fashion. In the early days of the Internet, the level of commerce and related crime was far lower than it is today. People are now filing their Federal taxes on-line. What the Internet is being used for has changed significantly. When defending against criminal exploits, there is less doubt about risks. The hazards are very apparent, although they might be harder to detect. The security section for the "next great idea" should carefully review and strategize how the world is to handle resulting abuse. That section is unfortunately significantly growing in importance every day. What seemed like a good idea, can easily become a nightmare. -Doug _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
- IPv6 transition technologies Jun-ichiro itojun Hagino
- Re: IPv6 transition technologies Paul Hoffman
- Re: IPv6 transition technologies John C Klensin
- Re: IPv6 transition technologies Paul Hoffman
- draft-ietf-v6ops-natpt-to-historic-00.txt Jun-ichiro itojun Hagino
- Re: IPv6 transition technologies Brian E Carpenter
- Re: IPv6 transition technologies Jun-ichiro itojun Hagino
- Domain Centric Administration, RE: draft-ietf-v6o… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Melinda Shore
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Melinda Shore
- Re: Domain Centric Administration, RE: draft-ietf… Jeffrey Hutzelman
- Re: Domain Centric Administration, RE: draft-ietf… Brian E Carpenter
- Re: Domain Centric Administration, RE: draft-ietf… John C Klensin
- Re: Domain Centric Administration, RE: draft-ietf… Jeroen Massar
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Douglas Otis
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Mark Andrews
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- RE: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… David Morris
- Re: Domain Centric Administration, RE: draft-ietf… Mark Andrews
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Ned Freed
- Re: Domain Centric Administration, RE: draft-ietf… David Conrad
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- Re: Domain Centric Administration, RE: draft-ietf… Mark Andrews
- RE: Domain Centric Administration, RE: draft-ietf… SM
- RE: Domain Centric Administration, RE: draft-ietf… michael.dillon
- Re: Domain Centric Administration, RE: draft-ietf… Melinda Shore
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Marshall Eubanks
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Joel Jaeggli
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… Keith Moore
- Application knowledge of transport characteristic… Dave Crocker
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… Jun-ichiro itojun Hagino
- Re: Domain Centric Administration, RE: draft-ietf… Douglas Otis
- RE: Domain Centric Administration, RE: draft-ietf… Christian Huitema
- RE: Domain Centric Administration Hallam-Baker, Phillip
- Re: Domain Centric Administration, RE: draft-ietf… Stephen Sprunk
- RE: Domain Centric Administration, RE: draft-ietf… SM
- Re: Application knowledge of transport characteri… Tom.Petch
- Re: Application knowledge of transport characteri… Dave Crocker
- Re: Application knowledge of transport characteri… Lars Eggert
- Re: Application knowledge of transport characteri… Douglas Otis
- Re: Application knowledge of transport characteri… Michael Tuexen
- Re: Application knowledge of transport characteri… Stephane Bortzmeyer
- Re: Application knowledge of transport characteri… Douglas Otis
- RE: Application knowledge of transport characteri… Hallam-Baker, Phillip
- RE: Domain Centric Administration, RE: draft-ietf… Hallam-Baker, Phillip