> As a side-note, a fifth SL option was presented "out of the blue" in SFO,
> namely exclusive SL/global addressing (one or the other only), which,
> because it was rather a "broken" idea, I think perhaps added to the room
> sentiment that site-locals are broken (rightly or wrongly :)
well, it was something that hadn't been suggested yet, so I don't blame them for trying. but what became clear after looking at all of the different ways of limiting usage of site local side-by-side is that every way of restricting site locals still leaves us with a mess. the only set of restrictions that avoids leakage and/or requiring apps to be aware of network topology is to use SLs only on isolated networks, and experience with RFC 1918 strongly indicates that this doesn't work well in practice.