[ipv6hackers] "Stick to limited IPv6 deployments, businesses warned"

[Jim Small]

> IPv6's maturity is not where it should be. Features available are not
> where they should be. But thats understandable, because such things take
> time and labor. and especially the labor part is the main reason it will
> still takes one to two years until the implemenation is done, and then
> it takes another year to see if the implementation was good and bugs are
> fixed. Even then it will not be en par with IPv4, but at least then it
> will be in an acceptable state.
> 
> yes, we do not have that time. but that is the reason why I recommend to
> wait with IPv6 as much as long as you can, and only do the minimum
> necessary.

I believe that we are out of time, in fact even behind.  I also believe that the best thing we can do to address security issues is to deploy.  I'm not saying full scale deployments but pilots.  Pilots get vendor products used.  Use brings out bugs and awareness.  The Internet is a great forum for communication - as vendor's products get used and bugs are found more and more people will talk about them.  This is negative publicity that vendors will want to squash and the solution is to fix the bugs.  Without deployment, I don't think the vendors are motivated.  I agree that this is less than ideal, but from my vantage point that's the reality we live in.


> And for the record: Windows 7 with all currennt updates applied is still
> vulnerable to RA flooding, just tried last week.

This sucks - I will do what I can to apply pressure for a solution.  It's tricky though - I don't want to squawk about it too much because then people won't deploy IPv6 and Microsoft won't be motivated to fix it.  However, I will keep bringing it up and push for a timeline.  The more customers I deploy, the more leverage I have to go back to Microsoft and show them negative publicity risk because of increased exposure (deployments).

--Jim