[discuss] IP Protocols and Intranets

Phillip Hallam-Baker hallam at gmail.com
Tue Jan 7 00:46:20 UTC 2014


On Mon, Jan 6, 2014 at 10:59 AM, nathalie coupet
<nathaliecoupet at yahoo.com> wrote:

> Hi John et al.,
>
> I have a few questions:
> 1) Could you please explain why IPv6 creates more security concerns by its
> use of MAC addresses than IPv4?
>


IPv6 allocation causes different security concerns as the IPv4 space is
exhausted. There is no more in the IANA piggy bank.

So IPv4 is going to cause a huge number of issues in the coming years as
address jacking becomes an increasingly common attack. Scarcity gives IPv4
addresses value, about $10 each according to some estimates.


Only the top 64 bits of IPv6 addresses are routable on the Internet. The
bottom 64 bits are reserved to the network. Sites can map these addresses
to MAC addresses but this is terrible security practice for all sorts of
reasons.

I do not want my equipment telling attackers what brand of gear I am using.
Anyone who thinks that is a good idea is an ideologue, not a security
expert. Yes, I know about the idea of security through full disclosure, it
is a complete misunderstanding of the security through obscurity argument.

Obscurity does not guarantee security but that does not mean that
disclosure has benefits. Disclosure is only ever desirable if it is
necessary to gain some other benefit.



> 2) Why doesn't the IETF design a protocol for IPvX with a pool of
> addresses we *know* will never run out instead of renewing the difficult
> task of changing the routing hardware every so often when faced with the
> threat of depletion? (even though this might not be the case before several
> centuries with IPv6).
>

128 bits is believed to be more than sufficient. The only circumstance in
which exhaustion is a possibility is if the allocation is botched. And to
guard against that they have reserved 7/8 of the space for different
allocation mechanisms.




> 3) What would designing multiple geographic Intranets do to the overall
> operation of the Internet (besides wreaking havoc on the business model of
> Big Data companies such as Google, Facebook and the likes?)
>

That is actually what the Internet is. The Inter-network is the network of
the networks. Either the networks can intercommunicate or they can't.
Users have repeatedly demonstrated that they will not accept a walled
garden model where the network provider fences them in (and often tries to
install toll booths at the exits).




> 4) What happened to the project of assigning the IANA function and ICANN
> responsibilities to the IAB? Why was it dropped?
>
>
That does not sound like something that was ever considered as a
possibility.

-- 
Website: http://hallambaker.com/
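
The following is an added example, not part of the original message. It assumes the MAC mapping mentioned above is the modified EUI-64 scheme of RFC 4291 (Appendix A), and shows how an administrator can audit their own address inventory for interface identifiers that embed a MAC address and therefore expose the vendor OUI. The prefix, MAC and addresses are constructed from documentation ranges.

```python
import ipaddress


def mac_to_eui64_iid(mac: str) -> bytes:
    """Build the modified EUI-64 interface identifier for a 48-bit MAC."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit (0x02) and insert ff:fe in the middle.
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (top 64 bits) with the MAC-derived low 64 bits."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    iid = int.from_bytes(mac_to_eui64_iid(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def embedded_mac(addr: str):
    """Return the MAC embedded in the low 64 bits of addr, or None.

    The ff:fe marker can occur by chance in a random identifier
    (about 1 in 65536), so treat a hit as a lead to confirm on the host.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


def audit(addresses):
    """Map each address to (embedded MAC, vendor OUI), or None if not MAC-derived."""
    report = {}
    for a in addresses:
        mac = embedded_mac(a)
        report[a] = (mac, mac[:8]) if mac else None
    return report


if __name__ == "__main__":
    # Constructed inventory: one MAC-derived address, one with a random identifier.
    inventory = [
        str(slaac_address("2001:db8:1:2::/64", "00:00:5e:00:53:01")),
        "2001:db8:1:2:8d3c:41a7:9e02:6b5f",
    ]
    for addr, leak in audit(inventory).items():
        print(addr, "->", leak or "no MAC-derived identifier")
```

Hosts flagged by the audit can be moved to randomized or otherwise non-MAC-derived interface identifiers so the address no longer reveals the hardware vendor.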