On Sun, 26 May 2013 11:58:09 +1000, Chris Angelico wrote: > On Sun, May 26, 2013 at 11:54 AM, Roy Smith <r...@panix.com> wrote:
>> Of course not every IPv6 endpoint will be able to talk to every other >> IPv6 endpoint, even if the both have globally unique addresses. But, >> the access controls will be implemented in firewalls with appropriately >> coded security policies. Not as an accident of being behind a NAT box. > > To be more specific: The control of who can talk to whom is in the hands > of the admins of the two endpoints and the nodes in between, rather than > being arbitrarily in the hands of the technology. So I would be able to > talk to the file server across the street, but only IF its admin lets > me. Or when (not if) you find a vulnerability in the particular firewall. Make no mistake: the most secure entry point is the one that isn't there. -- Steven -- http://mail.python.org/mailman/listinfo/python-list
