[ipv6hackers] Fwd: RFC 7123 on Security Implications of IPv6 on IPv4 Networks

Fernando Gont fgont at si6networks.com
Tue Feb 18 17:40:50 CET 2014


Hi, Marco,

On 02/18/2014 12:16 PM, Marco Ermini wrote:
> 
> Can I suggest to add in the Introduction section, that there are known,

mm... too late :-)  :-(

Once RFCs are published, you cannot modify them. The closest to that are
filing erratas (if you find errors), or if there's big stuff to be
addressed, eventually revise the document...


> famous Anti Virus and Host Based IPS (HIPS) who are unable to work on
> IPv6 (I would not name names but the version 11 of a famous yellow and
> black thing which is widely deployed and it is not easy to upgrade to
> the next version, 12, because it is a complete and incompatible rewrite...).
> 
> Their behaviour of such AV/HIPS is that they will either allow the
> complete IPv6 traffic without inspection, or block it completely (as a
> protocol type). As mentioned, upgrading AV/HIPS may not be as easy as
> someone may think in medium to large organisations.

Interesting...  :-/

FWIW, whenever you have this sort of data/feedback, please do let me
know, so that I can incorporate it. I-D I'm currently working on are
available at:
<http://datatracker.ietf.org/doc/search/?name=&activedrafts=on&sort=&by=author&author=Gont>

Thanks!

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492







More information about the Ipv6hackers mailing list