CircleID

Obviously no bias in the viewpoints expressed in this article, right? Right....

- fergie

I'm all for the deployment of IPv6, but I don't think the spread of technical misinformation under the banner of "truth" helps the cause at all.

The idea that IPv6 will somehow protect the world from file sharing, fraud and child pornography is just laughable.

In your point #2 you say that IPv6 lacks QoS - I've stared at a lot of IPv4 packets, and every one of 'em contains an 8-bit type-of-service/quality-of-service field.  So I would not agree that IPv4 entirely lacks QoS hooks.

You did not mention the appearance of NATs - these have significantly reduced the pressure for allocations of public address space.

You started losing me with point number two, Aside from the fact that you used "stealing" where you meant "unauthorised reproduction" (a bit of double-speak that I really hate, but can overlook), you also intimate that IPv6 vs IPv4 has anything to do with the possibility of mail spoofing ("sending spam they pretend is from another person's website") and such like. It appears you are trying to manufacture truth here, as opposed to describe some actual state of affairs.

Point 2 is the farthest stretch in your entire article.

Point 20 - I dare any techie or sysadmin to say "I'm deploying The New Internet network in our company." It's all very well to want to brand everything, but get real - IPv6 = The New Internet?  This is as bad as people who confuse the Internet with the web.

Appreciate your zeal to deploy IPv6.  Less FUD, please.

I'm not an expert, but I am very interested in anything that will help stop forgery and spam.  As I understand it, however, the authentication header in an IPv6 packet is intended for a very different kind of authentication.  This header is meant to carry a short piece of encrypted data that the receiver can use if he has the sender's secret key.  This might be appropriate for military communications, but not for email between unrelated parties.  According to RFC-2402 it is *possible* to include a signature in the authentication header, but "performance and space considerations currently preclude use of such algorithms".

It seems to me there is a fundamental flaw here in trying to provide "application layer" authentication at the level of IP packets.  It will be much more efficient to provide signatures and other authentication data once, for example at the start of an email session, and not load every packet with this big chuck of data.  So with regard to email security it seems to me that IPv4 and IPv6 are equally irrelevant.

This is not a criticism of IPv6, just a statement of my understanding that it won't help with the email forgery problem.  I welcome any clarifications from experts.