On 8/26/2010 4:10 PM, Dave CROCKER wrote:
in this case, the vastly larger address space of IPv6 permits attackers to switch to new addresses at a rate that was not possible with IPv4. this is likely to defeat the substantial infrastructure of attack-tracking that is address-based, such as for anti-spam.
This statement is a bit oversimplified, so a slightly oversimplified response in return. In IPv4 attack-tracking the /32 is considered but most tools are smart enough to aggregate up to at least the /24, and often (for better or worse) up to shorter prefixes as well. If we consider the v6 /64 as roughly equivalent to the v4 /32; lather, rinse, repeat.
Even more vastly oversimplified response, Brian's right. :) Doug _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf