> I think the answer is yes, it is reasonable to use site-locals as an
> indication of policy. The kind of examples I have in mind are
>
> 1) A default configuration for some applications (eg database, file, and
> print servers) might be to only accept connections from site-local
> addresses. These applications would be running on hosts with both global
> and site-local addresses.

would it be reasonable for applications to assume this rather than
having a particular kind of site policy be assumed by default?
my view is that security policy should always be explicit, never
assumed. in general, the application writer has no idea what degree
of trust is invested in "local" hosts.

> 2) A default configuration for some IP appliances (eg printers) might be
> to only configure link-local and site-local addresses.

I can see doing this to allow initial configuration of hardware devices
without keyboards and displays (though use of link-local would be even
better). but again, I don't see it as reasonable for the device vendor
to make assumptions about a customer's security policy.

Keith

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
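The two defaults debated in this message, side by side, as an added example that is not part of the original e-mail: an accept check that treats any site-local source as trusted, next to one that accepts only prefixes an operator has listed and denies everything when nothing is listed. The function and class names are hypothetical, and the allowlisted prefixes and peer addresses are constructed sample values.

```python
import ipaddress

SITE_LOCAL = ipaddress.ip_network("fec0::/10")  # IPv6 site-local prefix


def implicit_site_local_policy(peer: str) -> bool:
    """Built-in default from the quoted proposal: any site-local source is accepted."""
    return ipaddress.ip_address(peer) in SITE_LOCAL


class ExplicitPolicy:
    """Accept only sources inside operator-listed prefixes; an empty list accepts nothing."""

    def __init__(self, allowed_prefixes):
        self.allowed = [ipaddress.ip_network(p) for p in allowed_prefixes]

    def accepts(self, peer: str) -> bool:
        addr = ipaddress.ip_address(peer)
        return any(addr.version == net.version and addr in net
                   for net in self.allowed)


# Constructed operator configuration: one site-local subnet plus one global prefix.
OPERATOR_ALLOWLIST = ["fec0:0:0:1::/64", "2001:db8:1::/48"]

# Constructed peer addresses used to compare the two decisions.
SAMPLE_PEERS = [
    "fec0:0:0:1::9",   # site-local, inside the listed subnet
    "fec0:0:0:2::7",   # site-local, but a subnet the operator did not list
    "2001:db8:1::5",   # global address the operator did list
    "fe80::1",         # link-local, listed by neither policy
]


def compare(peers=SAMPLE_PEERS, allowlist=OPERATOR_ALLOWLIST):
    """Return {peer: (implicit_decision, explicit_decision)} for each peer."""
    explicit = ExplicitPolicy(allowlist)
    return {p: (implicit_site_local_policy(p), explicit.accepts(p)) for p in peers}


if __name__ == "__main__":
    for peer, (implicit, explicit) in compare().items():
        print(f"{peer:16} implicit={implicit!s:5} explicit={explicit}")
```

The rows where the two columns differ are the cases where a vendor-chosen default and the site's actual policy disagree.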
