current-users: Re: IPv6 stuff

Subject: Re: IPv6 stuff
To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: current-users
Date: 01/16/2002 05:59:44

--4VrXvz3cwkc87Wze
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

hi,

On Tue, Jan 15, 2002 at 11:51:55PM -0500, Ken Hornstein wrote:
> >If you trust TSIG and the machines that you allow to update, then you can
> >trust dynamic updates.  Yes, there are issues, no doubt.  Compare this to
> >the failure rate of entering v6 reverse addresses by hand :-).
>=20
> But to do it securely, then you have to enter key information by hand ...
> and somehow that seems like a zero-sum gain to me.

well, and what about using simple utilities, e.g. ipv6calc not to make a
mistake? you can find it in pkgsrc as net/ipv6calc.  it is as easy as
type:

 ~> ipv6calc -r 3ffe:80e8:200::1
 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.8.e.0.8.e.f.f.3.ip6.int

i hope this helps you to decrease your failure rate to near-zero value ;)

regards,

--=20
-- Lubomir Sedlacik <salo@Xtrmntr.org>   ASCII Ribbon campaign against  /"\=
 --
--                  <salo@silcnet.org>   e-mail in gratuitous HTML and  \ /=
 --
--                                       Microsoft proprietary formats   X =
 --
-- PGPkey: http://Xtrmntr.org/salo.pgp                                  / \=
 --
-- Key Fingerprint: DBEC 8BEC 9A90 ECEC 0FEF  716E 59CE B70B 7E3B 70E2     =
 --

--4VrXvz3cwkc87Wze
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8RQjAWc63C347cOIRAg+xAKCIySP5wnwa8BCGj6oJNvfdrpi2MgCg6VKg
gYCdqfFNAGsRjdCSTplZxOs=
=0q/7
-----END PGP SIGNATURE-----

--4VrXvz3cwkc87Wze--