> Margaret Wasserman writes: > > Private addressing does not provide any time of security that > cannot be obtained (and more easily, in most cases) by > appropriate configuration of firewalls or filters on routers.
So are you advocating that people use global addresses with a firewall and/or filters to block outside connectivity for part of their address space? Doesn't that just create a weird form of private address space? And worse (since it is not officially sanctioned) one that applications can't recognize? One advantage of having scoped addresses defined in the IPv6 architecture from the start is that applications can know not to pass them outside of their scope. If we instead suggest that people firewall/filter off random portions of the global address space, then apps will blindly pass those addresses around in the data stream, mistakenly thinking that they are real global addresses. Only having dedicated scoped address space allows apps to do the right thing. --Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
