Re: IESG position on NAT traversal and IPv4/IPv6

Phillip Hallam-Baker <hallam@gmail.com> Mon, 15 November 2010 06:05 UTC

In-Reply-To: <F443844F-67B6-418F-9E32-B2F498686650@acmepacket.com>
References: <F443844F-67B6-418F-9E32-B2F498686650@acmepacket.com>
Date: Mon, 15 Nov 2010 01:06:02 -0500
Message-ID: <AANLkTimnQo=gAXa3FQWWfTp004t-Uv_RDzgOd=30Q49b@mail.gmail.com>
Subject: Re: IESG position on NAT traversal and IPv4/IPv6
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Hadriel Kaplan <HKaplan@acmepacket.com>
Cc: "iesg@ietf.org" <iesg@ietf.org>, "ietf@ietf.org list" <ietf@ietf.org>

Designing NAT traversal on a per-protocol basis sounds like a mistake to me.

NAT traversal should be something that is supported at a higher level of
abstraction than one protocol. And there seem to be moves towards that
support.

But the idea of trying to starve protocols of features in order to encourage
transition to IPv6 has been tried for the past ten years and utterly failed.
How much more evidence is required?

One of the pathologies of the IETF is that it only takes one member of the
IESG to cling to some outdated dogma for it to survive. I remember I was
once on a panel discussing Web Services security when a person representing
the IETF view went off on a rant against firewalls as unnecessary and
insecure. Which was rather odd given that one of the security ADs at the
time happens to be an author of a pretty well known book on the topic of
firewalls.


One of the worst things a standards organization can do is to hold one set
of work hostage to deployment of some other priority.

The IETF has no power to force adoption of one particular architecture. If
unreasonable demands are made people will take work elsewhere.


On Mon, Nov 15, 2010 at 12:19 AM, Hadriel Kaplan <HKaplan@acmepacket.com> wrote:

> Hi,
> In one of the working group meetings this past week, when the group was
> discussing a NAT traversal solution for their new protocol, an A-D suggested
> they not spend much time on NAT traversal.  He/she indicated the IESG was
> discouraging NAT traversal mechanisms for new protocols, in order to foster
> demand for IPv6 instead.  The A-D further noted that "we really want it to
> run over IPv6 more than we want it to run over IPv4".  After being asked for
> clarification he/she said that "if you build something that will encourage
> people to stay on IPv4 longer, when you send it into the IESG you will get
> pushback".
>
> I am not going to name the WG nor A-D, because I'd rather encourage A-D's
> to speak their mind, and it doesn't matter who it was.  Also, anyone can
> make a mistake or be mis-interpreted, and perhaps that's all this was. (We
> don't read written prepared statements at the mic, after all :)
>
> What I'd like to know is the IESG's position with respect to protocols
> trying to make themselves work around NATs in IPv4.  I'd like to know if the
> IESG will push back on new protocols if they attempt to work around NATs.
>
> I would also like to understand the IESG's position with respect to IPv6
> and whether protocols should not attempt to make themselves work around
> potential IPv6 NATs; and more importantly to handle the possibility that the
> firewall-type policies which NATs have by nature, may continue to be used in
> IPv6 on purpose even if addresses/ports don't get mapped.
>
> I appreciate the workload you are always under, but I think it's important
> for us outside the IESG to know.  If this is not the right medium/process
> for asking such questions, my apologies... and please let me know the right
> way. :)
>
> Thanks,
> -hadriel



-- 
Website: http://hallambaker.com/