Hi Brian, et. al, On 22/10/2008, at 4:19 PM, Brian E Carpenter wrote: <snip>
Yes, but there are plenty of environments where that's impossible, and default deny is unacceptable because it blocks legitimate usage. I think the document needs to steer between the extremes, and suggest scenarios that are reasonably safe. Brian
I agree the document needs to suggest reasonably safe scenarios for tunneling; although "legitimate usage" is up the control and perception of the network owner. Tunnels from end stations may be acceptable in network A and totally unacceptable in network B. I think a default deny of tunnels is bad for all of us; the points that Christian outlined and some of the previous discussion items in this thread clearly articulate the point that a default deny would cause us more re-work of documents as the "target starts to move".
If the document simply states what the concerns are, how the tunnels work, then network owners can decide what they want to do. If there are ways to make things a little bit better with some policy or network design, then the document should go that far ...
Truman