Re: [v6ops] "protocol 41 isn't just IPv6 over IPv4." (Was: I-D Action: draft-ietf-v6ops-6to4-to-historic-06.txt - alternatives to 6to4)

Jeroen Massar <jeroen@massar.ch> Mon, 03 November 2014 07:13 UTC

Message-ID: <54572B0C.1000601@massar.ch>
Date: Mon, 03 Nov 2014 08:13:16 +0100
From: Jeroen Massar <jeroen@massar.ch>
To: Erik Kline <ek@google.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/OB4GEUtBOrHhuMQZau68U871Os4
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>

On 2014-11-03 07:56, Erik Kline wrote:
> Yes, clearly we're going to need IPv4(TCP(TLS(HTTP(IPv6))))).

Already exists in a variety of ways ;)

One extreme method of circumvention:

OpenVPN in TCP mode using SOCKS over StegoTorus[1] with the help of
JumpBox[2] to make sure it really looks like a normal web browser.

Though AYIYA "circumvents" AT&T and even the real Great Big Firewall
quite well actually... as they do not know that they can block it.

Greets,
 Jeroen

[1] https://github.com/SRI-CSL/stegotorus
    http://freehaven.net/anonbib/cache/ccs2012-stegotorus.pdf

[2] https://github.com/SRI-CSL/jumpbox
    http://jeroen.massar.ch/publications/files/SECURECOMM2014-JumpBox.pdf
    http://jeroen.massar.ch/presentations/files/SECURECOMM2014-JumpBox-pres.pdf