ietf
[Top] [All Lists]

Re: [Full-disclosure] IPv6 security myths

2010-10-26 16:19:12
Hi, Tony,

I have a feeling the idea that IPv6 add something to security might
be linked back to the IPsec focus real early on in the IPv6 era,
like years and years ago. Why it happen or how, I don't really
know.

How it happened?  --- Ever heard of NAT? At the time IPsec through
nat did not widely exist, and even implementations that figured out
udp had the problem that the cert often included a 1918 address which
didn't match the packet header source address. It is easy to forget
context when bashing something after the fact...

Sorry, but I don't follow. If the problem with widespread deployment of
IPsec was NAT traversal, why didn't we see widespread IPsec deployment
(for the general case) e.g. once RFC 3948 was published?

And: Do you expect IPsec deplyment to increase dramatically as IPv6 gets
deployed?

Thanks!

Kind regards,
-- 
Fernando Gont
e-mail: fernando(_at_)gont(_dot_)com(_dot_)ar || fgont(_at_)acm(_dot_)org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1




_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf