OMB: IPv6 by June 2008
David Meyer
dmm at 1-4-5.net
Fri Jul 1 15:29:46 UTC 2005
On Fri, Jul 01, 2005 at 02:54:30PM +0000, Christopher L. Morrow wrote:
>
>
> On Fri, 1 Jul 2005, Mohacsi Janos wrote:
> > >
> > > This keeps coming up in each discussion about v6, 'what security measures'
> > > is never really defined in any real sense. As near as I can tell it's
> > > level of 'security' is no better (and probably worse at the outset, for
> > > the implementations not the protocol itself) than v4. I could be wrong,
> > > but I'm just not seeing any 'inherent security' in v6, and selling it that
> > > way is just a bad plan.
> > >
> >
> > Just name a few:
> > - Possibility to end-to-end IPSec.
>
> exists in v4
>
> > - Not feasible scanning of subnets remotely
>
> eh... maybe, I'm not convinced this matters anyway.
>
> > - Privacy enhanced addresses - not tracking usage based on addresses
>
> dhcp can do this for you (v4 has mechanisms for this)
>
> > - Better ingress filtering
> >
>
> right... because gear that filters so well in v4-land will filter so much
> better in v6-land? you == crazy.
>
>
> All those objections aside, I'd love to see v6 more fully deployed. I'm
> not sure I see how it's going to get beyond 'research' or 'play' land,
> except for some small cases, for quite some time. It's interesting that
> the flood gates on ip space are openning at IANA though, that should
> hasten the v6 takeup/deployment :)
Perhaps paraphrasing what Chris just said: At the end of
the day, it is very difficult to make the case that IPv6
offers anything that IPv4 doesn't other than a larger
address space.
Dave
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050701/a5ae6f66/attachment.sig>
More information about the NANOG
mailing list