On Sun, 2 Feb 2003, Tom Lane wrote:
> I think I was the one who talked us into assuming that ipv4 and ipv6
> should be treated as a single protocol. But some people have since made
> pretty good cases that it's better to regard them as separate protocols.
From a security standpoint, I think it's definitely better to regard
them as separate protocols. They are certainly separately filtered on
firewalls, and they are often routed differently, too.
That said, I see no reason not to have some sort of easy way of saying,
"listen on all the interfaces you can find using all the protocols you
know." So long as you have the ability to distinguish where you listen
by both protocol and address, it's easy to be as secure as you need to be.
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974 http://www.netbsd.org Don't you know, in this new Dark Age, we're
alllight. --XTC
