Re: IPV6 renumbering painless?

[Iljitsch van Beijnum <iljitsch () muada com>]

On 13-nov-04, at 10:02, Henning Brauer wrote:

> * Owen DeLong <owen () delong com> [2004-11-13 08:46]:
> > I suspect that eventually, we will discover that ADDRESS-based
> > ACLs simply do not scale to a V6 world

> which I see as an issue with v6 and not the ACLs.

Yes, because address based access restrictions never get in the way of 
renumbering in IPv4.

Filtering based on IP addresses is a broken concept.

I'm not a huge fan of sprinkling crypto over everything, but if you 
want certain people to have access to some stuff and not others, 
IPsec/SSL are the way to go.