Re: 6to4 to Historic (ipv6-ops@cluenet Re: 6to4 in Internet aaaa records)

Michael Sweet <msweet@apple.com> Fri, 03 October 2014 16:06 UTC

Return-Path: <msweet@apple.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACD061A19F1 for <ipv6@ietfa.amsl.com>; Fri, 3 Oct 2014 09:06:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.087
X-Spam-Level:
X-Spam-Status: No, score=-5.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.786, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ppb5Q24isZpE for <ipv6@ietfa.amsl.com>; Fri, 3 Oct 2014 09:06:27 -0700 (PDT)
Received: from mail-in5.apple.com (mail-out5.apple.com [17.151.62.27]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69E0F1A19F6 for <ipv6@ietf.org>; Fri, 3 Oct 2014 09:06:26 -0700 (PDT)
Received: from mail-out.apple.com (bramley.apple.com [17.151.62.49]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by mail-in5.apple.com (Apple Secure Mail Relay) with SMTP id 22.A3.24074.289CE245; Fri, 3 Oct 2014 09:06:26 -0700 (PDT)
MIME-version: 1.0
Content-type: text/plain; charset="windows-1252"
Received: from relay2.apple.com ([17.128.113.67]) by local.mail-out.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTP id <0NCV00CDDM15SGY0@local.mail-out.apple.com> for ipv6@ietf.org; Fri, 03 Oct 2014 09:06:26 -0700 (PDT)
X-AuditID: 11973e13-f79326d000005e0a-ee-542ec982ad79
Received: from marigold.apple.com (marigold.apple.com [17.128.115.132]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by relay2.apple.com (Apple SCV relay) with SMTP id E2.93.19003.E79CE245; Fri, 3 Oct 2014 09:06:23 -0700 (PDT)
Received: from [17.153.23.121] (unknown [17.153.23.121]) by marigold.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTPSA id <0NCV008NCM2OC600@marigold.apple.com> for ipv6@ietf.org; Fri, 03 Oct 2014 09:06:25 -0700 (PDT)
Subject: Re: 6to4 to Historic (ipv6-ops@cluenet Re: 6to4 in Internet aaaa records)
From: Michael Sweet <msweet@apple.com>
In-reply-to: <542EAD58.2060907@gmail.com>
Date: Fri, 03 Oct 2014 12:06:23 -0400
Content-transfer-encoding: quoted-printable
Message-id: <AD71B0BB-B504-46C7-A275-7F16DF96B68E@apple.com>
References: <542E20C3.1060404@gmail.com> <542E8110.5050906@massar.ch> <CAAedzxqxtV7UK4MNUoDLbEogFH3TVUpWy+rRX_uvsOLJ3oergw@mail.gmail.com> <542E9F38.7050000@massar.ch> <542EAD58.2060907@gmail.com>
To: 6man <ipv6@ietf.org>
X-Mailer: Apple Mail (2.1988)
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/apgiwI3D4GWfkUS34lBUOPOGSa8
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Oct 2014 16:06:36 -0000

FWIW, as an implementor I incorporated changes into CUPS to prevent the use of 6to4 back in October of 2005 (9 years ago), mainly because of the issues identified in:

    http://tools.ietf.org/html/rfc3964
    ftp://ftp.itojun.org/pub/paper/draft-cmetz-v6ops-v4mapped-api-harmful-01.txt

> On Oct 3, 2014, at 10:06 AM, Alexandru Petrescu <alexandru.petrescu@gmail.com> wrote:
> 
> On 03/10/2014 15:06, Jeroen Massar wrote:
>> On 2014-10-03 07:05, Erik Kline wrote:
>>> One concern I remember from one of the most vocal opponents at that time
>>> was that deprecation might cause code to get deleted from codebases
>> 
>> Why would that be bad?
>> 
>> Code that is not used and could possibly provide a path to some kind of
>> exploit/abuse/unknown use is good to disappear.
> 
> It would be good to document cases where that happened.
> 
> Here something along these lines happened recently with the -brand- CLI not specifying the IPv4 dst address, followed by "invalid memory action", and then by all outgoing IPv6 packets going encapsulated to random IPv4 addresses. Not only could it have legitimately been considered an attack by the receivers, but it also had a geo-political dimension to it when localized on certain regions of a map.
> 
> On the other hand, for whatever it is worth, in my local setting IPv6 as '6to4' works just fine in 2014, and maybe in 2015 there would be reason to move to native, even more so if 6to4 service is not maintained.
> 
> Alex
> 
>> One of the many things that the LibreSSL folks are doing to OpenSSL.
>> 
>>> or at the very least bitrot (with various patches rejected citing IETF
>>> deprecation).
>> 
>> The only acceptable patch is in those cases a patch that
>> removes/deprecates the support.
>> 
>>> I believe this person either had or knew of one or more
>>> private uses of 6to4 that would therefore likely suffer.
>> 
>> "Private" means "local", thus do not require anything on the rest of the
>> Internet. Also it means that they can set up 6in4 based tunnels or use
>> ISATAP.
>> 
>> Unless that "person" provides a lot more details and reasoning, does it
>> matter?
>> 
>> Greets,
>>  Jeroen
>> 
>> 
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>> 
>> 

_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair
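
As an added illustration (not code from this message or from CUPS), one way an application could recognise 6to4 (`2002::/16`) and IPv4-mapped (`::ffff:0:0/96`) peer addresses and recover the IPv4 address embedded in them, following the concerns raised in the two documents cited above. The function names, the reject policy and the sample addresses are assumptions constructed for the example.

```python
import ipaddress


def embedded_ipv4(addr):
    """Return (kind, IPv4Address) for 6to4 / IPv4-mapped input, else (None, None)."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6:
        return None, None
    if ip.sixtofour is not None:       # 2002:V4ADDR::/48, bits 16..47 carry the IPv4 address
        return "6to4", ip.sixtofour
    if ip.ipv4_mapped is not None:     # ::ffff:a.b.c.d
        return "v4mapped", ip.ipv4_mapped
    return None, None


def classify_peer(addr):
    """Hypothetical policy: refuse any peer whose IPv6 address wraps an IPv4 one.

    A 6to4 address whose embedded IPv4 address is not globally routable
    (private, loopback, multicast, documentation, ...) is labelled separately,
    since such addresses should never appear in a legitimate 6to4 prefix and
    are worth logging on their own.
    """
    kind, v4 = embedded_ipv4(addr)
    if kind is None:
        return "allow"
    if kind == "6to4":
        return "reject-6to4" if v4.is_global else "reject-6to4-nonglobal-v4"
    return "reject-v4mapped"


if __name__ == "__main__":
    # Constructed sample addresses, not taken from the thread.
    samples = [
        "2001:db8::1",           # native (documentation prefix)
        "2002:0808:0808::1",     # 6to4 wrapping 8.8.8.8
        "2002:0a00:0001::1",     # 6to4 wrapping 10.0.0.1 (private)
        "2002:7f00:0001::1",     # 6to4 wrapping 127.0.0.1 (loopback)
        "::ffff:192.0.2.7",      # IPv4-mapped
    ]
    for s in samples:
        kind, v4 = embedded_ipv4(s)
        print(f"{s:22} {classify_peer(s):26} embedded={v4}")
```
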