* Mikael Abrahamsson: > On Tue, 12 Jul 2011, Christian Huitema wrote: > >> Then I am really not worried. This kind of attack is trivially >> mitigated by any stateful firewall on the path. In addition to all >> other mitigations that were listed on this thread. > > Think as an ISP. We do not stateful firewall our customers, and we > might be forced to have requipment in the customer /64, at least > initially.
Could you rephrase that? If you're in the IPv4 consumer market, I'm pretty sure you provide stateful filtering for customers. (The filter probably resides on the CPE.) It's possible to do things differently with IPv6, but customers will probably not like it. -- Florian Weimer <fwei...@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
