> - With an RFC 1918 host behind a firewall, compromising the firewall is
> enough to grant that host outside access. Single point of failure.
>
> - With a site-local only host behind a firewall, this become a double
> hack thing: you need to reconfigure the firewall _and_ reconfigure the
> host to give it a public IP.
Why do you believe this makes a difference? Wouldn't site-local
traffic be just as likely to leak into an ISP as RFC1918 traffic?
Better isp's will filter it out in their border routers; others won't
bother.
- Bill
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
