-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jan 5, 2011 at 10:36 PM, Dobbins, Roland <rdobb...@arbor.net> wrote:
> > On Jan 6, 2011, at 1:26 PM, Joe Greco wrote: > >> A bunch of very smart people have worked on IPv6 for a very long time, >> and justification for /64's was hashed out at extended length over the >> period of years. > > Very smart people can and do come up with bad ideas, and IPv6 is a > textbook example of this phenomenon, heh. I certainly bear my share of > the responsibility for this state of affairs by not getting involved, and > leaving the heavy lifting to others. > As someone who has been immersed in security for many years now, and having previously been very intimately involved in the network ops community for equally many years, I have to agree with Roland here. Just because a lot of smart people have worked on IPv6 for many years does not mean that the security issues have been equally well thought out. I see this as very similar to all IP technology evolution issues -- none of which ever really focused on the dedicated attacker/criminal using the same technology to attack/defraud/hijack/etc. This is not meant as a slight to anyone -- just a realization of looking at security from a real-world perspective. It seems to always have to get "bolted on" as an afterthought, instead of baked-in from the beginning. $.02, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFNJWVcq1pz9mNUZTMRAtimAJ4xWmqbP4Or5KFnonDW8XtOMMvMjgCcCswk 9JDJXNyDgUV4RnZlfDcBges= =KKZ+ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
