[ipv6hackers] my IPv6 insecurity slides
Owen DeLong
owend at he.net
Fri Dec 16 20:27:55 CET 2011
On Dec 16, 2011, at 3:38 AM, Marco Ermini wrote:
> On 24 November 2011 20:45, Markus Reschke wrote:
> [...]
>> That situation will not last very long! We'll see more and more IPv6-only
>> networks, since all IPv4 addresses will be assigned soon. Users will
>> complain that they can't reach the webshop or B2B site of a new company. So
>> nearly any network is forced to support IPv6 sooner or later.
>
> As long as vendors continue to make huge money with Carrier Grade's
> 6-4 NAT, no, I don't necessarily agree.
Then you obviously haven't tried using any of those systems from a user
perspective.
>
> [...]
>> As I wrote above: connectivity is more important than security (for users)!
>> IPv6 won't be an option, it's becoming a requirement. It's not our decision
>> because the market is heading to IPv6. We may advise how to improve security
>> but nothing more.
>
> Users do not care how they are connected. If an ISP is able to make
> them reach IPv6-only sites (are there any relevant out there up to
> now? I don't believe so) without changing their home router (which is
> a major cost for the ISP), they won't have any big interest in that.
>
Not yet, but, when there are, it's already too late. Your users will be upset and it
will take you several months to catch up.
>
>> So any discussions about deploying IPv6 or not are futile IMHO.
>
> Indeed they are not, but should be put in the right prospective.
>
IPv6 is a question of when, not if. ISPs that believe otherwise will very likely succumb
to natural selection within 5 years.
ISPs that believe that when can be put off significantly by using various forms of NAT
will also likely suffer unless they are able to leverage a monopoly position to preserve
userbase in spite of poor service.
Owen
More information about the Ipv6hackers
mailing list