13 Nov
2004
13 Nov
'04
7:48 a.m.
On 13-nov-04, at 10:02, Henning Brauer wrote:
* Owen DeLong <owen@delong.com> [2004-11-13 08:46]:
I suspect that eventually, we will discover that ADDRESS-based ACLs simply do not scale to a V6 world
which I see as an issue with v6 and not the ACLs.
Yes, because address based access restrictions never get in the way of renumbering in IPv4. Filtering based on IP addresses is a broken concept. I'm not a huge fan of sprinkling crypto over everything, but if you want certain people to have access to some stuff and not others, IPsec/SSL are the way to go.