Re: [v6ops] About Req for Comments - "Transition to IPv6"
Morizot Timothy S <Timothy.S.Morizot@irs.gov> Tue, 10 March 2020 19:27 UTC
Return-Path: <Timothy.S.Morizot@irs.gov>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6C8E3A095E for <v6ops@ietfa.amsl.com>; Tue, 10 Mar 2020 12:27:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=irs.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xnzNyzI1XW9a for <v6ops@ietfa.amsl.com>; Tue, 10 Mar 2020 12:27:24 -0700 (PDT)
Received: from EMG4.irs.gov (emg4.irs.gov [IPv6:2610:30:2000:25::91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D1C23A099D for <v6ops@ietf.org>; Tue, 10 Mar 2020 12:27:23 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.70,538,1574143200"; d="scan'208";a="272221388"
Received: from unknown (HELO mem0200img1.tcc.irs.gov) ([10.219.201.80]) by mem0200emg4.tcc.irs.gov with ESMTP; 10 Mar 2020 14:27:22 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=irs.gov; l=4312; q=dns/txt; s=irs-20171230; t=1583868442; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; z=From:=20Morizot=20Timothy=20S=20<Timothy.S.Morizot@irs.g ov>|To:=20v6ops=20<v6ops@ietf.org>|Subject:=20RE:=20[v6op s]=20About=20Req=20for=20Comments=20-=20"Transition=20to =20IPv6"|Date:=20Tue,=2010=20Mar=202020=2019:27:21=20+000 0|Message-ID:=20<5c7debd563a04421be62d9e8f6c74cd1@irs.gov >|References:=20<e8a25961-5ac9-d35e-77dd-bf86f45cd077@gma il.com>=0D=0A=20<7eb4dc25-28a6-4927-2356-846e200681d2@gma il.com>=0D=0A=20<0791D4B0-8390-48D7-AF0A-CE004EC3224C@con sulintel.es>=0D=0A=20<ccc75efb-8c00-ee97-5cc7-2e061e6e5a5 4@gmail.com>=0D=0A=20<52b6b9a4f46a49598eccee1b35e5efc5@ir s.gov>=0D=0A=20<89127c25-9c51-c4bb-97ae-3567e80a4c52@gmai l.com>=0D=0A=20<43D0E5A1-E5C5-4ACA-A44D-BC2F67129174@delo ng.com>=0D=0A=20<D2622B27-88F4-42A7-B944-C002F40D0DB7@con sulintel.es>=0D=0A=20<2020030818294834486735@chinatelecom .cn>=0D=0A=20<CADzU5g5yzhK-4oxL=3Dm5_C1fj=3DK7nXX9mDG49 =3DgLRSs8XGkPXqA@mail.gmail.com>=0D=0A=20<B8678AA0-7D7A-4 ACD-BB4A-DDEDE85ACB88@consulintel.es>=0D=0A=20<073925C4-5 355-4C51-84A4-4D9545013552@delong.com>=0D=0A=20<4A5BDEE6- 2B9E-4338-94C1-3BE9D6E37516@consulintel.es>|In-Reply-To: =20<4A5BDEE6-2B9E-4338-94C1-3BE9D6E37516@consulintel.es> |Content-Transfer-Encoding:=20base64|MIME-Version:=201.0; bh=pFXHSgLU7meWr0pMtVQV05x2hgRs/CYGTEZLOvc7tbc=; b=TFmNx82enqpzN+kCmf1IpjjnfKBMXjC5DbV15rWSx0dJ9USHgZc6SRN7 e1KxNSy1e1CmzWxuLeK4Jy4dPjucJy+TQoNc8ebIihlI0HAZp2idp9R6U RxjdGk27p/B+tIer9uUsbhe2CvmaNyDOPcx6Lk5At2s60P8hGqvlc+Hdc uXDYjjqzmBUVNx9lAqZFezUM0M/Rme6EDluZqLFvWxa0LmbgQnOyfOGPz M8KSh9G7B434IeYrTGzyIjM3U0QHvFihkNbGCsR6Bmf4gNLed/nTQNwrx pXV4awNm9SYP0R7Ul7cT8DEiYFqLnIt4EG/WMOn1n87XjxC8B8WlqQh5K Q==;
Received: from mtb0120ppexh030.ds.irsnet.gov ([10.207.136.81]) by mem0200img1.tcc.irs.gov with ESMTP/TLS/AES256-GCM-SHA384; 10 Mar 2020 19:27:22 +0000
Received: from MTB0120PPEXH050.ds.irsnet.gov (10.207.136.83) by MTB0120PPEXH030.ds.irsnet.gov (10.207.136.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1913.5; Tue, 10 Mar 2020 15:27:21 -0400
Received: from MTB0120PPEXH050.ds.irsnet.gov ([fe80::9de0:134:e3b8:a42d]) by MTB0120PPEXH050.ds.irsnet.gov ([fe80::9de0:134:e3b8:a42d%15]) with mapi id 15.01.1913.005; Tue, 10 Mar 2020 15:27:21 -0400
From: Morizot Timothy S <Timothy.S.Morizot@irs.gov>
To: v6ops <v6ops@ietf.org>
Thread-Topic: [v6ops] About Req for Comments - "Transition to IPv6"
Thread-Index: AQHV8ueeLLu0nvB3gUGLJcW18YOjU6g6QF0AgAALy4D//7FKwIAAXguAgAAtooCAABgygIAD4mNKgABVLgCAAWGygIACLuQAgAAGVoD//8XNgA==
Date: Tue, 10 Mar 2020 19:27:21 +0000
Message-ID: <5c7debd563a04421be62d9e8f6c74cd1@irs.gov>
References: <e8a25961-5ac9-d35e-77dd-bf86f45cd077@gmail.com> <7eb4dc25-28a6-4927-2356-846e200681d2@gmail.com> <0791D4B0-8390-48D7-AF0A-CE004EC3224C@consulintel.es> <ccc75efb-8c00-ee97-5cc7-2e061e6e5a54@gmail.com> <52b6b9a4f46a49598eccee1b35e5efc5@irs.gov> <89127c25-9c51-c4bb-97ae-3567e80a4c52@gmail.com> <43D0E5A1-E5C5-4ACA-A44D-BC2F67129174@delong.com> <D2622B27-88F4-42A7-B944-C002F40D0DB7@consulintel.es> <2020030818294834486735@chinatelecom.cn> <CADzU5g5yzhK-4oxL=m5_C1fj=K7nXX9mDG49=gLRSs8XGkPXqA@mail.gmail.com> <B8678AA0-7D7A-4ACD-BB4A-DDEDE85ACB88@consulintel.es> <073925C4-5355-4C51-84A4-4D9545013552@delong.com> <4A5BDEE6-2B9E-4338-94C1-3BE9D6E37516@consulintel.es>
In-Reply-To: <4A5BDEE6-2B9E-4338-94C1-3BE9D6E37516@consulintel.es>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.207.132.68]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/ZB2l4HgYqIGFe1syJLqOCMuhodk>
Subject: Re: [v6ops] About Req for Comments - "Transition to IPv6"
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Mar 2020 19:27:33 -0000
JORDI PALET MARTINEZ wrote: >*** Then there is a problem. If they really want to have ALL the way thru only IPv6 in the LANs, the federal employees >will not be able to use *ANY* application that uses literal addresses (even a simple web page that is doing that). >Because there is NO transition mechanism that allows that. They are able to force all their internal apps to use only >IPv6, fine, but they have no control over the rest of the Internet. If they are thinking that NAT64+DNS64 resolves >that, they lost this “small” bit in their thinking. I’ve already reported them to the site that is asking for comments, >hopefully they really pay attention to the inputs. I'm intrigued that you believe that's inherently a problem. Perhaps you're not aware how restrictive US federal government networks often are? There are a great many things on the Internet I cannot access from my work computer, even for official work purposes. For example, I am the designated representative for my organization with ARIN. But during remote participation, I could not access jabber and cannot access slack from my work computer. I cannot access any conferencing platform from my work computer even for official, approved purposes. There are multiple levels of firewalls when I am connected to the enterprise network, all operating in default deny mode. My work computer presently has no direct access to any endpoint on the Internet. Every service allowed is proxied. And if things on the Internet do not work within our requirements, we don't use them. Now, removing even the perimeter service proxies to the public IPv4 Internet would fall into that last 20% that does not yet have a specifically mandated date. The emphasis, though, should likely be on *yet*. I know many of the people who contributed to the draft. I don't think they "lost" anything in their thinking. >*** I will be glad if they can send this memo to every small web site in the world, >because even if one of them is missing it, and need to be accessed by >the employees, will not work! It's published in the Federal Register. Those interested in advance warning about the steps the US government is planning to take on their own networks have it available. It will remain published by OMB when formally released. However, restricting access for federal employees is perfectly normal and occurs today for all sorts of reasons. Our networks do not operate under the premise that any system on our network must be able to access any arbitrary system, service, site, or application on the Internet. In fact, more the opposite applies. I believe Owen captured more the spirit and intent of this next step in the progression of the US federal government IPv6 transition. Despite the mandated dates, progress will almost certainly continue to be uneven across agencies. But the reporting requirements are something of a stick. Compliance with regulations and other requirements tends to be one of the drivers in government decision-making, especially since profit is not normally the factor it is in commercial decision-making. Scott
- [v6ops] About Req for Comments - "Transition to I… Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Morizot Timothy S
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Erik Kline
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Morizot Timothy S
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … xiechf@chinatelecom.cn
- Re: [v6ops] About Req for Comments - "Transition … Clark Gaylord
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Morizot Timothy S
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … xiechf@chinatelecom.cn
- Re: [v6ops] About Req for Comments - "Transition … Fred Baker
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Fred Baker
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Fred Baker
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Matthew Petach
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Owen DeLong
- Re: [v6ops] About Req for Comments - "Transition … Alexandre Petrescu
- Re: [v6ops] About Req for Comments - "Transition … JORDI PALET MARTINEZ
- Re: [v6ops] About Req for Comments - "Transition … Matthew Petach