I note that PCI DSS poses a problem for IPv6, in that section 1.3.8 (my copy is dated October 2010) mandates that private IP addresses (they clearly mean RFC1918) are not revealed to or routable from the internet (my paraphrasing).
Given that most systems which are required to be PCI-DSS compliant are going to be behind firewalls, load balancers etc, and thus the critical servers and instrastructure don't need real IP address, v4 or v6, it's probably not a big issue, but I wondered whether other people had considered it or were writing policies and procedures to pass compliance?
