Default security functions on an IPv6 CPE

Rémi Després remi.despres at
Fri May 6 17:37:31 CEST 2011

Le 6 mai 2011 à 01:32, Doug Barton a écrit :

> On 05/05/2011 14:43, Mark Smith wrote:
>> What needs to die is the the 90s/00s assumption that hosts aren't
>> protecting themselves.
> I think that there is ample evidence to the contrary, but even assuming you're right, what's the harm in doing both? I reiterate the point made so ably by Nick.

> Anyone who knows/cares about this will also be capable of turning it off.

Different view: anyone who isn't paranoid about assumed weaknesses of his host security shouldn't need to perform *any* CPE management. 

With laptops, typically used in multiple wifi environments, any security that isn't independent from CPE protection is bound to sometimes fail.

With CPE's intended to be used unmanaged, transparency is the only simple behavior.
Others introduce complexity that is bound to create problems an frustration of ordinary users.


> Doug
> -- 
> 	Nothin' ever doesn't change, but nothin' changes much.
> 			-- OK Go
> 	Breadth of IT experience, and depth of knowledge in the DNS.
> 	Yours for the right price.  :)


More information about the ipv6-ops mailing list