ipv6 & login frame
Ignatios Souvatzis
ignatios at cs.uni-bonn.de
Fri Oct 5 08:55:07 CEST 2012
On Thu, Oct 04, 2012 at 09:59:11PM +0300, Liviu Pislaru wrote:
> hi,
>
> i'm deeply surprised to see that if i'm using IPv6 i cannot login on
> this website (http://www.arbetsformedlingen.se) and i even get an
> explicit message. (see the links below)
> https://www.dropbox.com/s/tzuom0p1ka3tpgz/v6_login_english.png
> https://www.dropbox.com/s/tbxvkkmjwi8sxq5/v6_login.png
>
> do you know about similar issues with any other website ?
> does anyone has an explanation for this ?
> security issues, geolocation issues ... what do they want to avoid ?
They simply have enabled AAAA for the machine, and didn not disable
IPv6 for Apache, but have something dependent on IPv4 in their
database. It might just be a stupid CMS from last century.
Lots of people warn against this practice, e.g. me in a talk in 2009[1].
-is
[1] http://theory.cs.uni-bonn.de/~ignatios/bgnw.vortrag.pdf, page ca. 30.
Sorry, German language.
More information about the ipv6-ops
mailing list