[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
On 28 jul 2009, at 9:26, james woodyatt wrote:
I intend to query the meeting participants this afternoon about a
remaining open item that arose during the last WGLC. That item is
the question over whether recommendation R41 should be removed.
R41: Gateways SHOULD implement a protocol to permit applications to
solicit inbound traffic without advance knowledge of the addresses
exterior nodes with which they expect to communicate. If
implemented, this protocol MUST have a specification that meets the
requirements of [RFC3979], [RFC4879] and [RFC5378].
Assuming that the user is going to open up incoming sessions for an
application, it's more convenient to be able to do that on the host
rather than on the CPE. Then again I wouldn't want random visitors to
be able to mess up my network.
I guess middle ground would be that such a protocol would either need
to be enabled explicitly, or would need some kind of authentication
token, maybe a la bluetooth pairing.