[BEEPwg] Callback/Rendezvous Profiles

james woodyatt jhw@wetware.com
Thu, 22 Aug 2002 15:18:34 -0700


On Thursday, Aug 22, 2002, at 11:05 US/Pacific, Gabe Wachob wrote:
>
> I think there would be a lot of use for/interest in a rendezvous 
> profile.
> There is the tunnel profile but I don't think it addresses the "dual NAT"
> problem (i.e. two parties, each behind NATs, trying to make connections).
>
> This is an issue that goes beyond BEEP, of course.

I think both the Callback profile and the Rendezvous profile are 
actively BAD ideas.  I say this as a guy whose day job is maintaining 
the firmware in a NAT routing home Internet gateway appliance device.

I think that there are already plenty of good security mechanisms 
defined in the BEEP core; there is no additional security benefit to be 
had by employing a Callback profile.  If you don't believe me, then I 
recommend taking the idea immediately to your nearest friendly 
neighborhood Security Area specialist, and see how far you can go with 
it.  Consider this: the listener doesn't have to offer any profiles in 
its greeting message to initiators.  It can instead expect the 
initiator to offer the first tuning profile in its greeting.

Also, you should see draft-iab-unsaf-considerations-02.txt for a good 
description of the set of problems in this Rendezvous profile you are 
suggesting.  (I contributed section C.2 of that document.)

I've only seen one protocol for unilaterally fixing the public 
addresses of multiple peers in different private address realms that 
didn't make me want to retch violently.  The latest version of it is 
described in draft-ietf-ngtrans-shipworm-07.txt, and it's used for 
establishing IPv6 connectivity by tunneling over UDP/IPv4.  The reason 
I make an exception for it is that it is clearly intended to let IPv6 
treat IPv4/NAT like the damage it is and route around it.

Please please please do not try to advance either of these ideas as 
Internet standards.


--james
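The point made above about the listener's greeting can be shown concretely. The following is an added example, not code from the original post or from any BEEP implementation: it builds and parses RFC 3080 channel-0 frames, reads the profiles a greeting advertises, and applies a listener policy in which no channel other than the TLS tuning profile may be started until the session has been tuned. The frame layout, the `<greeting>`/`<start>` elements and the TLS profile URI `http://iana.org/beep/TLS` are from RFC 3080; the policy function, its names and the `http://example.org/some-app` profile are constructed for the example.

```python
"""Constructed BEEP (RFC 3080) channel-0 exchange: a listener whose greeting
advertises no profiles, and a policy that admits only the TLS tuning
profile until the session has been tuned. Example code, not from the post."""
import re
import xml.etree.ElementTree as ET

TLS_PROFILE = "http://iana.org/beep/TLS"        # registered in RFC 3080 section 3.1
CONTENT_TYPE = b"Content-Type: application/beep+xml\r\n\r\n"
# header: type SP channel SP msgno SP more SP seqno SP size CRLF
HEADER_RE = re.compile(rb"^(MSG|RPY|ERR|ANS|NUL) (\d+) (\d+) ([.*]) (\d+) (\d+)\r\n")


def build_frame(kind, channel, msgno, seqno, xml_body):
    """Wrap an XML body in a single BEEP frame; size covers MIME header + body."""
    payload = CONTENT_TYPE + xml_body.encode()
    header = f"{kind} {channel} {msgno} . {seqno} {len(payload)}\r\n".encode()
    return header + payload + b"END\r\n"


def parse_frame(data):
    """Check the header, the declared size and the END trailer; return the fields."""
    m = HEADER_RE.match(data)
    if not m:
        raise ValueError("malformed frame header")
    kind, channel, msgno, more, seqno, size = m.groups()
    size = int(size)
    start = m.end()
    payload = data[start:start + size]
    if len(payload) != size or data[start + size:] != b"END\r\n":
        raise ValueError("payload size does not match header, or trailer missing")
    # channel 0 carries application/beep+xml; drop the MIME header block
    sep = payload.find(b"\r\n\r\n")
    body = payload[sep + 4:] if sep >= 0 else payload
    return {"kind": kind.decode(), "channel": int(channel), "msgno": int(msgno),
            "more": more.decode(), "seqno": int(seqno), "body": body.decode()}


def offered_profiles(greeting_body):
    """Profile URIs advertised in a <greeting>; an empty list for <greeting />."""
    root = ET.fromstring(greeting_body)
    if root.tag != "greeting":
        raise ValueError("not a greeting element")
    return [p.get("uri") for p in root.findall("profile")]


def choose_profile(start_body, tuned):
    """Listener policy for a <start> request (constructed for this example).

    Before tuning, only the TLS profile is acceptable, whatever else the
    initiator lists; afterwards the first listed alternative is taken.
    Returns the chosen URI, or None when the start must be refused."""
    root = ET.fromstring(start_body)
    if root.tag != "start":
        raise ValueError("not a start element")
    uris = [p.get("uri") for p in root.findall("profile")]
    if not tuned:
        return TLS_PROFILE if TLS_PROFILE in uris else None
    return uris[0] if uris else None


def demo():
    """Run the exchange the post describes and return what each side offered."""
    # listener greeting advertises nothing; initiator greeting offers TLS
    listener = parse_frame(build_frame("RPY", 0, 0, 0, "<greeting />"))
    initiator = parse_frame(build_frame(
        "RPY", 0, 0, 0,
        "<greeting><profile uri='http://iana.org/beep/TLS' /></greeting>"))
    return offered_profiles(listener["body"]), offered_profiles(initiator["body"])


if __name__ == "__main__":
    print(demo())
    app_start = "<start number='1'><profile uri='http://example.org/some-app' /></start>"
    print(choose_profile(app_start, tuned=False), choose_profile(app_start, tuned=True))
```

The listener's empty greeting gives an initiator nothing to pick from, and `choose_profile` refuses every `<start>` except one for TLS until tuning has completed, so the core already forces the security conversation to happen first without any extra profile.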