Re: ISMS working group and charter problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 0:30  +0200 7/09/05, Iljitsch van Beijnum wrote:
On 7-sep-2005, at 0:16, Daniel Senie wrote:

Actually, a "Firewall Considerations" section would make sense.

What would be in such a section? There are only three possibilities:

1. There is no firewall: no need for text.
2. There is a firewall, and it doesn't try to block the protocol: no need for text.
3. There is a firewall, and it tries to block the protocol.

So what text would be helpful in case #3? Either the firewall successfully blocks the protocol and the firewall works and the protocol doesn't, or the firewall doesn't manage to block the protocol and the protocol works but the firewall doesn't. So whatever happens, someone is going to be unhappy.

It could at least discuss the question "is the protocol designed in such a way that firewall management is reasonably enabled?" . Two obvious counter-examples come to mind: non-passive-mode FTP, and the use of RTSP with RTP (and having to enable traversal for the RTP/RTCP ports).

Then it could discuss whether this protocol can be individually isolated and decisions on firewall handling be made in isolation for it, or whether it is effectively bundled with other protocols which will have to be handled together, and whether that 'bundle' is in fact appropriate (e.g. if it layers on HTTP, is that appropriate?).

There are probably other questions as well.
--
David Singer
Apple Computer/QuickTime

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]