Re: Sufficient email authentication requirements for IPv6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mar 29, 2013, at 4:13 AM, Mikael Abrahamsson <swmike@xxxxxxxxx> wrote:

> My belief is that IP address reputation has always been flakey, it's just vastly more so with IPv6.
> 
> What we need is a way to identify a "entity" subnet size. This work is probably wasted on IPv4, but it's definitely needed for IPv6. The ISP in question needs to be able to publish customer/entity subnet size so reputation can be done at this level.

This approach works fine if one presumes that the problem is always just
the customer (i.e. their ISP is actively interested in helping solve the 
problem.)  For ISPs who are not as interested (or may have an actual 
motivation to hinder resolution of the problem), this will not work.  

While the above situation has also been somewhat true with IPv4, it is 
definitely the case with IPv6, since the typical address space allocation 
sizes provide ample space for whitewashing customers into new prefixes.  
As a result, it is questionable whether any IPv6 address-based reputation 
system can be successful (at least those based on voluntary principles.)

/John







[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]