On Sun, 2 Feb 2003, Tom Lane wrote:

> I think I was the one who talked us into assuming that ipv4 and ipv6
> should be treated as a single protocol.  But some people have since made
> pretty good cases that it's better to regard them as separate protocols.

>From a security standpoint, I think it's definitely better to regard
them as separate protocols. They are certainly separately filtered on
firewalls, and they are often routed differently, too.

That said, I see no reason not to have some sort of easy way of saying,
"listen on all the interfaces you can find using all the protocols you
know." So long as you have the ability to distinguish where you listen
by both protocol and address, it's easy to be as secure as you need to be.

Curt Sampson  <[EMAIL PROTECTED]>   +81 90 7737 2974   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?


Reply via email to