[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 6to4 deployement issues - was 6to4 security questions




Laurent Dumont wrote:

I'm not sure that the relay model will collapse if many 6to4 users are using
it, because the reality is that a 6to4 node will most likely be talking to
another 6to4 peer and will really not go through any relay for most of its
traffic. Why? because there is nothing of interest for them on the 6bone, so
that won't change much to the current situation...

Either you leave the relay model or you remove it.
If you leave it as it is, you open serious security issues
If you remove relays from the architecture, you create
a partition of the Internet. Sure, today there is no content
reachable though native IPv6, but one day, there will.
That day, you do not want to prevent those gazilliions
6to4 users from reaching it.

The only wat forward is either to deprecate 6to4 alltogether
(and use another conncetivity for the masses approach until
IPv6 ISPs are generally available)
or to fix the security problem.

My take is go back to the white board and try to fix it.

   - Alain.