IETF Logo Mail Archive

Re: [v6ops] 464xlat case study (was reclassify 464XLAT as standard instead of info)

james woodyatt <jhw@google.com> Wed, 27 September 2017 22:22 UTC

Return-Path: <jhw@google.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E03513514B for <v6ops@ietfa.amsl.com>; Wed, 27 Sep 2017 15:22:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eCcilofagL1O for <v6ops@ietfa.amsl.com>; Wed, 27 Sep 2017 15:22:25 -0700 (PDT)
Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF59B13448E for <v6ops@ietf.org>; Wed, 27 Sep 2017 15:22:25 -0700 (PDT)
Received: by mail-pf0-x236.google.com with SMTP id b70so7947335pfl.8 for <v6ops@ietf.org>; Wed, 27 Sep 2017 15:22:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=NJxgq1Jwc+6pq5cBYUFkmTJUfmUp3TOt9GNguYYXejk=; b=B/RJT2bGRmgvYxuWPVATT/7bn2yQgeH232JkDNSXklCuQ344bKLe7CEw5LcsqRfQlA oUKiaMekfBxQrBoalWWCuhIE9iMVA2Sra9xRJJ0idJPVDs8T20SoKNbWy5cOFbWaibmM mUgwKSIDY1K8QZNtfwGp7hK3e/Jqva7YCmsTvTEo82LyPUVnfMX7aGT56S/Koav5Gs7k p5038CUuSdGmgqA6yqPoAogrLBgZVmXqxjy6cOZoduh5RFzmAef8vE11LKfw8ns+h8+k zE/gW5J2/sNaidsl9C0XavtmsmhUixuIiXgbOA3tSpI924a5lFKVf0bvK64/ggboJ+1E a5vw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=NJxgq1Jwc+6pq5cBYUFkmTJUfmUp3TOt9GNguYYXejk=; b=s5CsJocDWm6sqvYsVYjivdL1laOLi4681KPd06y/157RGZ8Vf0176cMD/HhfR+TlKN E/Xfzsq64twE6GZsfqRZkP23VY+HBV9j3LudR2q7WncmpvD3VP9+wyCr2H6ZzMnNwBJp sLrRMtP7HW/1uahLb+ZzBTh1yPIHpE/cUwAudDdpYF76G/7YRNcNPzGLiqWjK0Dh4/D4 2bRN/FZQa/+rBHHXeHXuf8pnRLOuEq27mGJtsF8aisyQnkrk1Za+NmZZM9Sb21Rh8eXK VKCXsdz4PfJqfUatcIHaeoAukxGV8Hold5oU570GgP5UmBqwXpuhZg7TUyz8LX1D2TF2 FdeQ==
X-Gm-Message-State: AHPjjUiDG39BeLgPQV2AdgGfRUu+uVomapM3yBY/Y34wBcrVFTNM/4ef 8LY6KvbuYC78N/tAbNWUqEa6IFjGa7U=
X-Google-Smtp-Source: AOwi7QBV46QjOt71DjYaUvPobuvhjEqahuqTQOjSxEIWEimT9QQH+z560RdlCNVhzEp+WUsswYzcyA==
X-Received: by 10.99.171.9 with SMTP id p9mr2546863pgf.30.1506550945394; Wed, 27 Sep 2017 15:22:25 -0700 (PDT)
Received: from ?IPv6:2620::10e7:10:a888:544a:118b:9f49? ([2620:0:10e7:10:a888:544a:118b:9f49]) by smtp.gmail.com with ESMTPSA id c82sm2140pfe.172.2017.09.27.15.22.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Sep 2017 15:22:24 -0700 (PDT)
From: james woodyatt <jhw@google.com>
Message-Id: <FB954422-428C-4D10-BB21-271EFE2E4BB0@google.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_35C71371-8092-4057-8026-DA6211D30507"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 27 Sep 2017 15:22:23 -0700
In-Reply-To: <LO1P123MB0116805F9A18932E2D0694FEEA780@LO1P123MB0116.GBRP123.PROD.OUTLOOK.COM>
Cc: IPv6 Ops WG <v6ops@ietf.org>
To: "Heatley,N,Nick,TQB R" <nick.heatley@bt.com>
References: <LO1P123MB01168388285206BB7C26F029EA7A0@LO1P123MB0116.GBRP123.PROD.OUTLOOK.COM> <46045DAA-9096-43BA-A5FD-571232767726@google.com> <CAKD1Yr3vziaHfkR+hQ7QHXaz7QraKH2HLUVXUW63GpnOAj4JoQ@mail.gmail.com> <E72C3FBE-57A4-4058-B9E5-F7392C9E9101@google.com> <LO1P123MB0116805F9A18932E2D0694FEEA780@LO1P123MB0116.GBRP123.PROD.OUTLOOK.COM>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/8XnWEJEL3jKvscJ8TqYO2ceJVCc>
Subject: Re: [v6ops] 464xlat case study (was reclassify 464XLAT as standard instead of info)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Sep 2017 22:22:27 -0000

On Sep 27, 2017, at 13:51, Heatley,N,Nick,TQB R <nick.heatley@bt.com> wrote:
> 
> certain vpn clients, still in service, fail


- If those apps are still in service, then they can be updated.
- If they can be updated for security, then they can be updated for IPv6-only operation without 464XLAT.
- If they won’t be updated, then keeping them in service is a security problem.


--james woodyatt <jhw@google.com <mailto:jhw@google.com>>

v2.23.0 | Report a Bug | By Email