Martin Rex wrote: >> FYI, traversable firewall is, by definition, broken. > Try to convince folks to completely remove all outside doors, > windows, window gates, curtain, blinds, flyscreens from > their home to "leverage" many convenient un-restricted openings > to the interior of the house. I'm not arguing against firewalls. There are various kinds of firewalls each of which has its own configuration. Just as path MTU discovery can not stop people filtering ICMP, firewall traversal protocols can not traverse most firewalls. Instead, related parties with firewalls can communicate each other through proper configuration of their firewalls without any traversal protocols. > If your plan is to further delay IPv6 as long as possible, then > making it dependent on unrestricted end-to-end IPv6 connectivity > might be the most reliable approach to ensure the maximum pain > and resistance. All we need is to enable, but NOT MANDATE, complete end to end transparency. It is of course that end to end connectivity can be blocked by firewalls. Masataka Ohta _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf