[ipv6hackers] IPv6 security presentation at Hack.lu 2011

sthaug at nethelp.no sthaug at nethelp.no
Tue Sep 27 17:03:52 CEST 2011


> > nope. as DHCPv6 does (currently, and the respective IETF draft was
> > discarded after v01) _not_ allow the distribution of a default
> > router. so a node just configured by means of DHCPv6 only will not be
> > able to communicate outside its local-link space. [which can be a
> > desired state, security-wise, but will probably seldom be desirable
> > functionality-wise ;-)]
> 
> I don't recall of the top of my head what was the rationale for
> producing the standards this way, but at least in principle it looks
> rather dumb.

Religion. "The router knows best", and should therefore always be
trusted to supply the default gateway. And the IPv6 high priests
have strongly rejected all attempts at producing sanity here :-(

Steinar Haug, Nethelp consulting, sthaug at nethelp.no



More information about the Ipv6hackers mailing list