Re: [secdir] Secdir review of draft-ietf-behave-nat64-learn-analysis-03.txt

jouni korhonen <jouni.nospam@gmail.com> Thu, 12 April 2012 08:11 UTC

To: Samuel Weiler <weiler@watson.org>
Cc: Teemu Savolainen <teemu.savolainen@nokia.com>, IESG <iesg@ietf.org>, Dan Wing <dwing@cisco.com>, secdir@ietf.org

Hi,

On Apr 11, 2012, at 10:45 PM, Samuel Weiler wrote:

> Adding my own comments:
> 
> I think there may be a key "con" missing in the discussion of the two EDNS0 approaches (in 5.2 in 5.3).  EDNS0 "stuff", whether flags or options, are typically hop-by-hop only.  That severely limits the applicability of these approaches.

You mean, unless the "EDNS0 capable" DNS64 is the first DNS server the
end host talks to, one cannot guarantee the EDNS0 option survives through
all DNS proxies and (caching) servers in between?

That would be something to point out.. me thinks.

- Jouni

> 
> -- Sam
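
The hop-by-hop limitation raised in this exchange, as an added example that is not part of the original messages or of the draft: a query carrying an EDNS0 option is passed through modelled intermediate hops, and the options that reach the DNS64 are read back from the wire. The option code 65001 (local/experimental range), the name `host.example` used in testing, and the `forward()` proxy model are assumptions made for illustration.

```python
import struct

OPT_TYPE = 41                  # OPT pseudo-RR type that carries EDNS0
HYPOTHETICAL_OPTION = 65001    # assumption: code from the local/experimental range

def encode_name(name):
    labels = [l.encode("ascii") for l in name.strip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def skip_name(msg, pos):
    while msg[pos]:            # uncompressed names only (constructed input)
        pos += 1 + msg[pos]
    return pos + 1

def build_query(qname_wire, options, qid=0x1234):
    """AAAA query with a single OPT RR holding (code, data) EDNS0 options."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)
    question = qname_wire + struct.pack("!HH", 28, 1)
    rdata = b"".join(struct.pack("!HH", c, len(d)) + d for c, d in options)
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, 4096, 0, len(rdata)) + rdata
    return header + question + opt

def parse_query(msg):
    """Return (qname_wire, qid, [(code, data), ...]) for a query built above."""
    qid, _flags, _qd, _an, _ns, ar = struct.unpack("!HHHHHH", msg[:12])
    end_q = skip_name(msg, 12)
    qname, pos, options = msg[12:end_q], end_q + 4, []
    for _ in range(ar):
        pos = skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos, rdata_end = pos + 10, pos + 10 + rdlen
        while rtype == OPT_TYPE and pos < rdata_end:
            code, length = struct.unpack("!HH", msg[pos:pos + 4])
            options.append((code, msg[pos + 4:pos + 4 + length]))
            pos += 4 + length
        pos = rdata_end
    return qname, qid, options

def forward(msg, understood=()):
    """Hypothetical proxy/cache hop: sends its own upstream query with its own
    OPT RR, keeping only the option codes it implements."""
    qname, qid, options = parse_query(msg)
    return build_query(qname, [(c, d) for c, d in options if c in understood], qid)

def options_at_dns64(query, hops):
    """Options still present once the query has crossed every hop in order."""
    for hop in hops:
        query = hop(query)
    return parse_query(query)[2]
```

With no hops the DNS64 sees the option; one hop that does not implement it is enough for the option to be absent on arrival.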