Toward more sensible whitelisting
cb.list6 at gmail.com
Tue Jun 14 04:08:09 CEST 2011
On Jun 13, 2011 6:54 PM, "Dan Wing" <dwing at cisco.com> wrote:
> > -----Original Message-----
> > From: ipv6-ops-bounces+dwing=cisco.com at lists.cluenet.de [mailto:ipv6-
> > ops-bounces+dwing=cisco.com at lists.cluenet.de] On Behalf Of Phil
> > Benchoff
> > Sent: Monday, June 13, 2011 4:36 PM
> > To: ipv6-ops at lists.cluenet.de
> > Subject: Toward more sensible whitelisting
> > The really big content providers are pretty hesitant to add sites to
> > their
> > whitelist (if they even have one). IPv6 testing primarily depends on
> > users entering a special IPv6 URL which most people won't bother with
> > and may not even know about. I've been thinking there ought to be some
> > ways to get users with working IPv6 to try the IPv6 version of a site
> > without causing too much worry to the content providers.
> > one
> > of them to inform a user he has working IPv6 and offer an easy way to
> > switch to the IPv6 version of the site?
> Separate namespaces (e.g., "ipv6.example.com") are bad. That user,
> who is using the IPv6 namespace, will eventually share content
> via email (cutting and pasting the URL) or on a social network via
> a "share on <social_network>" button.
> But that shared content won't work with the other 99.mumble% of the
> Internet population, who are IPv4 only. People will complain. Users
> will be unhappy, including the IPv6-friendly user that opted into the
> IPv6 website in the first place. And IPv6 will be blamed -- afterall,
> "ipv6" name will be right there in the URL (or "ip6", or whatever
> that website chose).
Agreed, not ideal. But, could a browser not abstract away this issue to best
fit a host? DNS? Naptr?
I personally only use ipv6.blah in my bookmarks for CNN, Facebook, Google,
Cisco ... but I am not a usual user that prefers to be af agnostic.
Nonetheless, this is an evolving behavior. If I ran a nat64 network, would
it not behoove me to seed these book marks with ipv6 names on user device
and my customer portal?
> > Consider
> > If you change the way you evaluate the results, you could have a popup
> > tell
> > the user he has working IPv6 and let him click a button to be forwarded
> > to
> > the IPv6 web site. If a user goes to www.example.com and has working
> > ipv6,
> > he could be prompted to switch to www.ipv6.example.com. The site
> > operator
> > could choose a popup, automatically forwarded the user, or present a
> > dialog
> > within the content of the site. These all alter the user experience a
> > bit, but they may be within the range of tolerable changes.
> > Personally, I'm all for adding an AAAA record and fixing the problems
> > that
> > show up. There don't seem to be that many and there is always the
> > option
> > of removing the AAAA record if necessary. That being said, I think it
> > is necessary to work with the big content providers and try to find
> > ways
> > to address the things they are worried about. I suspect the engineers
> > working on IPv6 at those big content companies spend more time
> > convincing
> > others that it is reasonably safe to try a few things than they do
> > actually
> > fixing IPv6 issues. Everyone involved in trying to move IPv6 forward
> > knows there are broken things in all of the selective IPv6 availability
> > scenarios. The questions are which are the least broken and what new
> > ones
> > can we invent to move on?
> > The people on the content side of the equation need to understand that
> > the average user isn't going to go out of his way to help them prove
> > that
> > IPv6 is viable. The only users that will change their DNS resolver are
> > the ones who already type the IPv6 URL. Network operators with
> > eyeballs
> > are (probably) not going to bake you a cake or get an NIST
> > certification
> > that they really do IPv6. You're going to have to pick the least sucky
> > looking alternative and take some kind of leap. If nothing else, start
> > IPv6
> > and help the sites with unhappy eyeballs get things working.
> > I'm really hoping that an analysis of the numbers and experiences from
> > IPv6 day show that it's really not so bad.
> > Phil
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ipv6-ops