On 11/13/14, 3:19 PM, Michael Richardson wrote:
Michael Thomas <[email protected]> wrote:
     > Given how easy it is for a device to configure a gua -- intentional or
     > otherwise -- i don't think i'd want to stake any security properties a
     > device's non-routability. Nor do I think that the obscurity of not
     > having a DNS name provides much in the way of privacy.  There's way too
     > much that can go wrong to count on either of these properties.

I am not saying: ULA=secure, GUA=insecure.

I'm saying: pick a GUA if you are a device which should be
discoverable/reachable by default.  That's not to say what your ACL should
be.  I presume that these devices do not otherwise use resources the way that
my phone or laptop does when I interact with it.

But all of my devices want to call home to the mothership to check for firmware updates, etc, etc. So they want to get a GUA. Isn't that sufficient to be vulnerable to incoming traffic assuming no other measures are taken (eg, firewall, etc)?
Isn't that even true with privacy addresses?

Mike

_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to