Manfredi, Albert E wrote: > > > -----Original Message----- > > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On > > > Thus, it is my recommendation that the next version of the node > > requirements document make support for IPsec and IKE both SHOULDs > > only, with a lot more explanatory text that makes it clear that there > > are some types of devices where IPsec is not necessarily the best > > choice. > > > > Thoughts? > > YES! > > I think this has become a big obstacle to deploying IPv6. I realise > that a lot of the early hype about IPv6 implied it was inherently > secure, but hype is hype. A high level of security is not achieved by > magic. Having to mess with certificates and key exchange is no easier > in IPv6 than it is in IPv4!
Hmm... My admittedly limited perspective is that almost nobody uses IPv6 at home, and in corporate environments there is far more IPsec users than IPv6 users. Thus your characterization that IPv6 isn't widely used/deployed because of a MUST implement IPsec seems a bit strange to me. --julien -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
