Erik, >> Richard Draves wrote: >> First, site-locals offer better security than a >> single firewall, because typically there will be >> multiple routers on the path between an attacker >> and a customer site, all filtering site-locals. >> Second, I agree that strong security is great >> and we should work towards it. But "defense in >> depth" argues for having multiple security >> mechanisms, so even with strong security I think >> site-locals and firewalls have a place.
> Erik Nordmark wrote: > This assumes that ISPs will use site-locals. Where does this come from? There is nothing in Richard's text that implies anything about the ISPs _using_ site locals. It talks about _filtering_ them. Michel. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
