Five Security Flaws in IPv6

[Nick Hilliard]

Geoff Huston wrote:
> Fair enough. What does that 
> observation imply to a projected IANA pool exhaustion date then?

As regards specific dates?  No idea.  To be honest, the exact dates are 
now relatively unimportant.  It could be 6 months one way or a year the 
other.  Who knows?

What interests me more is that your latest figures imply that we are now 
well ahead of the context of a recent rant of mine:

http://lists.cluenet.de/pipermail/ipv6-ops/2007-March/001022.html

And in the context of ipv6 - whether or not it's going to see a massive 
burst of interest / activity as the exhaustion date approaches, and 
whether or not it's going to provide a viable solution to the world's 
networking requirements in a post ipv4 era - there is still a massive 
resistence to really look beyond the next quarter's financials and take 
things a bit more seriously.

In particular, we're well inside the the specify, test, integrate, deploy, 
use life cycle of CPE equipment, and given that a large chunk of CPE 
equipment being deployed today is still fundamentally ipv6 incapable - and 
more importantly, cannot be upgraded to support it - it strikes me that 
there are some really fundamental questions about ipv6 which most service 
providers haven't really even begun to look at yet.

Whatever about the exact exhaustion date, I am going to confidently 
predict that shortly after RIR exhaustion occurs, and things begin to 
break because of lack of ipv4 addresses, there will be a massive media 
fest on how ill-prepared the ISP industry was for the event, and look! 
what a complete balls they made of the whole thing, and how it's hurting 
business and industry, and how things would have been so much better if 
the journalists had run network operations, because they knew in advance 
how things were going to be.

prediction value: €0.02.

Nick