[ipv6hackers] SEND implementation Patent

Fernando Gont fgont at si6networks.com
Sun Mar 25 20:30:14 CEST 2012


On 03/14/2012 02:36 PM, Douglas Otis wrote:
>>  Also, because many other systems do not implement it, either, so it
>>  doesn't pay much to be the first to do so?
> 
> When typical corporate LANs contain compromised systems, additional
> efforts independent of IPv6 is required. Although Intrasite Automatic
> Tunnel Addressing Protocol (ISATAP) and Teredo provide IPv6 connectivity
> between hosts separated by IPv4 infrastructure, this tends to degrade
> security.  Nevertheless, IPv6 can be leveraged to establish end-to-end
> security as demonstrated by various schemes such as DirectAccess or
> BTMM.  Instead of using shared secrets or SSL certs, SeND can offer a
> "standard" deployment vehicle.

At the end of the day, the problem users usually have have little (if
anything) to do with lack of authentication at the network layer (which
is what SEND provides).

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492






More information about the Ipv6hackers mailing list