
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <p><br>

    </p>

    <div class="moz-cite-prefix">On 9/28/21 1:06 PM, Christopher Morrow

      wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAL9jLaYgoMCUxLLq20Z+7pUaUqZEWnH-V5kcbEYUVNYM3Z6anw@mail.gmail.com">

      <meta http-equiv="content-type" content="text/html; charset=UTF-8">

      <div dir="ltr">

        <div dir="ltr"><br>

        </div>

        <br>

        <div class="gmail_quote">

          <div dir="ltr" class="gmail_attr">On Tue, Sep 28, 2021 at 3:02

            PM Randy Bush <<a href="mailto:randy@psg.com"

              moz-do-not-send="true">randy@psg.com</a>> wrote:<br>

          </div>

          <blockquote class="gmail_quote" style="margin:0px 0px 0px

            0.8ex;border-left:1px solid

            rgb(204,204,204);padding-left:1ex">> Heh, NAT is not that

            evil after all. Do you expect that all the home<br>

            > people will get routable public IPs for all they toys

            inside house?<br>

            <br>

            in ipv6 they can.  and it can have consequences, see<br>

            <br>

                NATting Else Matters: Evaluating IPv6 Access Control

            Policies in<br>

                Residential Networks; <br>

                Karl Olson, Jack Wampler, Fan Shen, and Nolen Scaife<br>

            <br>

                <a

href="https://link.springer.com/content/pdf/10.1007%2F978-3-030-72582-2_22.pdf"

              rel="noreferrer" target="_blank" moz-do-not-send="true">https://link.springer.com/content/pdf/10.1007%2F978-3-030-72582-2_22.pdf</a><br>

            <br>

            the ietf did not give guidance to cpe vendors to protect

            toys inside<br>

            your LAN<br>

            <br>

          </blockquote>

          <div><br>

          </div>

          <div>guidance aside... 'Time To Market' (or "Minimum Viable

            Product - MVP!) is likely to impact all of our security

            'requirements'. :(</div>

          <div>I also thought 'homenet' (<a

              href="https://datatracker.ietf.org/wg/homenet"

              moz-do-not-send="true">https://datatracker.ietf.org/wg/homenet</a>)

            was supposed to have provided the </div>

          <div>guidance you seek here?</div>

        </div>

      </div>

    </blockquote>

    <p><br>

    </p>

    <p>What I wonder is which string the IETF has to push on to get CPE

      vendors to... anything. <br>

    </p>

    <p>Anecdotally, I've seen firewall controls on all of the CPE I've

      had and no IPv6 (at least commercially). </p>

    <p>Mike<br>

    </p>

  </body>

</html>