nanog mailing list archives
Re: NIST IPv6 document
From: Paul Ferguson <fergdawgster () gmail com>
Date: Wed, 5 Jan 2011 22:47:02 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jan 5, 2011 at 10:36 PM, Dobbins, Roland <rdobbins () arbor net> wrote:
On Jan 6, 2011, at 1:26 PM, Joe Greco wrote:A bunch of very smart people have worked on IPv6 for a very long time, and justification for /64's was hashed out at extended length over the period of years.Very smart people can and do come up with bad ideas, and IPv6 is a textbook example of this phenomenon, heh. I certainly bear my share of the responsibility for this state of affairs by not getting involved, and leaving the heavy lifting to others.
As someone who has been immersed in security for many years now, and having previously been very intimately involved in the network ops community for equally many years, I have to agree with Roland here. Just because a lot of smart people have worked on IPv6 for many years does not mean that the security issues have been equally well thought out. I see this as very similar to all IP technology evolution issues -- none of which ever really focused on the dedicated attacker/criminal using the same technology to attack/defraud/hijack/etc. This is not meant as a slight to anyone -- just a realization of looking at security from a real-world perspective. It seems to always have to get "bolted on" as an afterthought, instead of baked-in from the beginning. $.02, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFNJWVcq1pz9mNUZTMRAtimAJ4xWmqbP4Or5KFnonDW8XtOMMvMjgCcCswk 9JDJXNyDgUV4RnZlfDcBges= =KKZ+ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
Current thread:
- Re: NIST IPv6 document, (continued)
- Re: NIST IPv6 document Dobbins, Roland (Jan 06)
- Re: NIST IPv6 document Dobbins, Roland (Jan 06)
- Re: NIST IPv6 document Joe Greco (Jan 06)
- Re: NIST IPv6 document Jack Bates (Jan 06)
- Message not available
- Re: NIST IPv6 document Tim Chown (Jan 07)
- Re: NIST IPv6 document Jack Bates (Jan 07)
- Re: NIST IPv6 document Jeff Wheeler (Jan 05)
- Message not available
- NIST IPv6 document Jeff Wheeler (Jan 05)
- Re: NIST IPv6 document Joe Greco (Jan 05)
- Re: NIST IPv6 document Dobbins, Roland (Jan 05)
- Re: NIST IPv6 document Paul Ferguson (Jan 05)
- Re: NIST IPv6 document William Allen Simpson (Jan 06)
- Re: NIST IPv6 document Jack Bates (Jan 06)
- Re: NIST IPv6 document Joel Jaeggli (Jan 05)
- Re: NIST IPv6 document Paul Ferguson (Jan 05)
- Re: NIST IPv6 document Jack Bates (Jan 06)
- Re: NIST IPv6 document Marcel Plug (Jan 06)
- Re: NIST IPv6 document Jack Bates (Jan 06)
- Re: NIST IPv6 document Lamar Owen (Jan 06)
- Re: NIST IPv6 document Owen DeLong (Jan 06)
- Re: NIST IPv6 document Owen DeLong (Jan 06)