In message
<73c4861a-8037-40c5-a925-5af99d1448e2@f19g2000yqh.googlegroups.com>, at
03:04:06 on Wed, 17 Jun 2009, Boltar remarked:
>>>On the contrary , being able to have your computer uniquely identified
>>>by anyone , anywhere in the router chain by every packet you send out
>>>is something the IP6 evangelists unsurprisingly keep quiet about.
>>
>>I'm not sure if you are for or against this feature. There are still
>
>I'm against it. I realise it wasn't a concious decision on the part of
>the designers, it just fell out of the mix, but I think its a
>potential security risk especially in regards to someone spoofing your
>address. With dynamic IP4 addressing your machine is only linked to an
>address for as long as the lease lasts or until you disconnect. With
>IP6 that link is for the life of the machine (or at least until you
>change the network card or its a card that can have its MAC addresses
>changed on the fly though few people would know how to do that).
>
>>anonymisation techniques which will foil this (and again not sure if you
>>think that good or bad).
>
>No doubt there are, but that essentially then becomes NAT for IP6 but
>getting rid of NAT is one of the reasons some people suggest
>switching to IP6.
>
>>But in any case, for the average user, they don't care (either for or
>
>Well, there are no average users for IP6 yet, at least not in the
>west. But I suspect if and when it gets out to the wider public they
>won't be best pleased.
Dynamic IP is a kludge, all that ipv6 is doing is returning to the
intended status quo. If you think that raises security issues, then they
need to be resolved without also crippling the numbering scheme.
--
Roland Perry |