ietf

Re: Why IPv6 is a must?

2001-11-26 16:20:02
Caitlin Bestler wrote:

>>> IPv6 needs to be justified on the number of nodes that truly need a
>>> globally accessible public address, not by insisting on counting devices
>>> that should remain anonymous or under limited (and controlled) visibility.
>>
>> you appear to be confusing visibility with accessibility.
>
> No, that is exactly what I am not confusing.
>
> If a node only requires accessibility by a few specialized nodes (such
> as a water meter) then making it *visible* to more is just creating
> a security hole that has to be plugged.


How do you control visibility? Authentication. How do you control accessibility? Authentication. What's the difference? Silently ignoring unauthenticated peers vs. replying "go away". Limiting visibility does not make a service more secure.


> My point remains, a globally meaningful address is something that
> should only be applied when it is useful for that endpoint to
> be globally addressable.


I have a hard time coming up with *any* service that should be restricted to local-only at all times. If you believe that authentication works, you may as well make everything world-visible.

I do agree that firewalls can reduce the risk of exposing buggy service implementations to the world, e.g. risking buffer overflow attacks, etc. This has nothing to do with NATs, however, as others have already pointed out.

Lars
--
Lars Eggert <larse(_at_)isi(_dot_)edu>               Information Sciences Institute
http://www.isi.edu/larse/              University of Southern California


