we battered the IETF, and even government interest, on this for years back in 
late 2007, and beyond ...  any remember IPv5? :)
IPv6 is a massive security risk in sooooo many ways.
No real NAT so you are distributed into the worldwide even if billions of 
addresses there is no protection.

There is NAT64 / DS-lite so you don't need IPv6, even PCP, 1:1 million ratios :)

I could write a book on IPv6 insecurities, failings of the open multicast, RA 
timers, NPD holes .... and link local omg ....

30 years I have written protocols, solutions and systems, my advice is switch 
IPv6 off by default!  And anyone who suggests different is off my Christmas 
list and Santa will put you on the naughty list.



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, 30 October 2020 11:58, Martin Schröder <mar...@oneiros.de> wrote:

> Am Fr., 30. Okt. 2020 um 11:54 Uhr schrieb Denis Fondras open...@ledeuns.net:
>
> > Please, fix your tweet. The default install answer for IPv6 is 'none'.
>
> This borders on "switch off v6 for security reasons", which would be just 
> wrong.
>
> I'd much prefer that the project adopted a" v6 first, vintage ip
> second" approach.
> But I'm not a dev.
>
> Best
> Martin


Reply via email to