agree with most of what you said, however: > Since bad guys can deduce addresses by scanning --and will certainly do so if we > make it sufficiently hard for them to use the DNS-- this type of > DNS change, it seems to me, would have little effect on the > antisocial. note that scanning is a lot harder in IPv6 than it was in IPv4, because such a large address space is delegated to a customer and the normal assumption of stateless address autoconfiguration implies that addresses are allocated sparsely within the last 64 bits. Keith _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf