On Feb 3, 2014, at 3:24 PM, Michael DeMan <na...@deman.com> wrote: > I meant mostly that with IPv6 NAT goes away,
I don't know if this is true or not - and even if it is true, it's going to be a long, long time before the IPv4 Internet goes away (like, maybe, pretty much forever, heh). > An NTPv5 solution that could be done with NTP services already, and would be > more of a 'best practices of how this shit starts up and what it can do' and > educating vendors to have reasonable behavior in the first place? Yes, but that's many years away, and doesn't address legacy issues. > And an NTPv6 solution/RFC/guideline that was similar, could help? Again, many years away, and doesn't address legacy issues. > I disagree that 'filtering' or 'blocking' any kind of IPv4 or IPv6 protocol > to 'protect the end user' is the wrong way to go when compared to just having > things work in a secure manner. Yes, but since the latter part of this statement is unattainable in the foreseeable future, the idea is actually to protect *the rest of the Internet* from misconfigured CPE. ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton
