Re: IPv6 only host NAT64 requirements?

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 14 November 2017 00:38 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33F29129431 for <ipv6@ietfa.amsl.com>; Mon, 13 Nov 2017 16:38:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R1lBZJCLBN9w for <ipv6@ietfa.amsl.com>; Mon, 13 Nov 2017 16:38:44 -0800 (PST)
Received: from mail-pg0-x22a.google.com (mail-pg0-x22a.google.com [IPv6:2607:f8b0:400e:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D95F5129438 for <ipv6@ietf.org>; Mon, 13 Nov 2017 16:38:44 -0800 (PST)
Received: by mail-pg0-x22a.google.com with SMTP id 4so5106274pge.1 for <ipv6@ietf.org>; Mon, 13 Nov 2017 16:38:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=SuhZy0ujp0nJiFyjK4QiHxeAaryKlYYBAC5yiuxXt68=; b=dBeOotdtCyKli6EguwRxNf0F4dqK1SsXgrV+RPIBJ2l8lS/W3xM6Is7wz0Exc59lSm k0vfKyEKH46JEClFAXI7lunJvJayIDLo0fpVBMqb+DSi9zjcFeWXaVV4y3ctccmU2qRe sHnBkisgZqzSYJzSaNvcDxNkdVPRdkVHcGgkhSHqbO2PBhZvZeWwRkV6UaWWvBnX147Y SXC3ujZgIi5PKo4bY52tZLRa58QM0oVYGDhqMCzE0IzEb2BMJ29jJZvlANGCDXIG8F0Z ennOKKDQw23vPqnioBnSQRpsBbrcKygwF26x4Fa3BSbEfCphwqAH4Zkpzgu2evNdKbGT JnUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=SuhZy0ujp0nJiFyjK4QiHxeAaryKlYYBAC5yiuxXt68=; b=NfAyTkFZB3nLKfATU8J88SGqDx59U6ASnRFawU5XLkjYvcoqhHE4vaPhbBl6XN03Bd ZS3ymc5EuW6ooPxiNe1LPZYb4Dr7zim+0QFahMhbNwcUJOvAGiLyiCF78Qf8dTiBdOPD GxzWwcJ7EeymEamdmv0xlrcENjxQ01fI/cSfZLqjirMUfi9ZIbExB1xQ07C4wUcf5ziD dbgG7NvFDOD9RFGQ9rZ94LSsnBhDC1i/xRLVs2GF1gqwyG1XlbYzEGvlY6zUTagsXqfF OD3nm6cTq31k/4XEbv0EzeYRWDrlyKo0rS5PIhOGYsX4cxyVTyMI0F/mBLBZyTvhQ+yP XzoQ==
X-Gm-Message-State: AJaThX7uoDho3AAIVzlUF7d2wh0GUuMFDZuMRnAWllDtD3HPizxQKsaz 0hUgWnliZAfVmdHa1ijEPJ5CCA==
X-Google-Smtp-Source: AGs4zMaKq+g+VqjwxgyMWgyCpVqqh4YdP3r3V6O6FFXzQunofxscpi83F9iWAEW6wzozPvIo1gIDCw==
X-Received: by 10.159.241.129 with SMTP id s1mr10476378plr.378.1510619924042; Mon, 13 Nov 2017 16:38:44 -0800 (PST)
Received: from [172.16.132.82] ([101.100.166.3]) by smtp.gmail.com with ESMTPSA id u9sm39717692pfa.40.2017.11.13.16.38.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Nov 2017 16:38:43 -0800 (PST)
Subject: Re: IPv6 only host NAT64 requirements?
To: Ole Troan <otroan@employees.org>
Cc: Philip Homburg <pch-ipv6-ietf-4@u-1.phicoh.com>, 6man WG <ipv6@ietf.org>
References: <6755862C-AA12-45B4-98B8-EF6D9F90898B@employees.org> <CAD6AjGRhn80LUJrut4ebDKPfFkdu3ySN8fjH_JvCjSNA-_tfYw@mail.gmail.com> <m1eEGlw-0000FsC@stereo.hq.phicoh.net> <c7987f0a-9fb9-0311-b017-2b230a21bd1d@gmail.com> <9620CE6D-6364-41E9-A43D-AF0690D2A5F4@employees.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <1bcc9417-6f00-48ac-b9ef-0317f6f43a56@gmail.com>
Date: Tue, 14 Nov 2017 13:38:41 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <9620CE6D-6364-41E9-A43D-AF0690D2A5F4@employees.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/aodGuYk-nbMwjZrUiIG4LpvHNOU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Nov 2017 00:38:46 -0000

On 14/11/2017 13:34, Ole Troan wrote:
> Brian,
> 
>>>> I am not optimistic on the demand / need / value of dnssec in any scenario
>>>> ....let alone an ipv6-only host validating an ipv4-only dns name. If the
>>>> folks operating this service cared, they could operate the server with
>>>> signed v6 names.  It is more reasonable in todays internet to asked the
>>>> server (lets assume most signed name scenarios are servers) to be setup
>>>> right (with v6). There is not a compelling reason why having v6 is
>>>> unattainable today for named nodes.
>>>
>>> DNSSEC is something that works today.
>>
>> This is not the impression I get from attending IEPG meetings
>> and chatting in the corridors at the IETF. Also, we knew throughout
>> the development of NAT64/DNS64 that DNSSEC was a major stumbling block.
>> I don't think it is a good idea to entangle RFC6434bis with that issue.
> 
> What's the DNSSEC major stumbling block?

I pass. Try asking Geogg Huston, for example.

    Brian