ietf
[Top] [All Lists]

Re: [Full-disclosure] IPv6 security myths

2010-10-26 16:35:32
Hi, Fred,

I'm not a security guru, and will step aside instantly if someone
with those credentials says I'm wrong. However, from my perspective,
the assertion that IPv6 had any security properties that differed
from IPv4 *at*all* has never made any sense. It is essentially a
marketing claim, and - well, we all have marketing departments.

The problem probably is that this sort of claim has been made in
supposedly-technically-savvy forums. Many, if not most, (supposedly)
technical reports on IPv6 security assert that "IPv6 provides improved
security as a result of *" (where "*" is usually "mandatory IPsec
support", but may also be "security not being an add-on, but rather
carefully thought during the design of the protocol", etc.)

These claims are very usual e.g. in IPv6 Task Forces
circles/documents/papers/reports. (IIRC, there was one of such documents
published by the North American IPv6 Task Force). The recent EU IPv6
security paper seems to assume that IPsec deployment will increase
dramatically as a result of IPv6 deployment. And even parts of the
recent NIST report on IPv6 secure deployment assumes "improved security"....



In the scope of things, wh does having one of out of the many needed
tools make IPv6 different than IPv4, especially given that the
indicated tool is present in both IPv4 and IPv6 implementations?

Scratch-a-my-head. I don't see it. 

Nor do I ;-)

Thanks!

Kind regards,
-- 
Fernando Gont
e-mail: fernando(_at_)gont(_dot_)com(_dot_)ar || fgont(_at_)acm(_dot_)org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1




_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>