> > As I get older and less sane, I am increasingly convinced (or
> >convincing myself) that IPSEC won't buy us anything worth the price
> >we are going to pay in having to upgrade our systems. Indeed, IPV6
> >probably won't, either, not for a looooong time.
> I saw in some information that stated:
> "IPv6 will be completely irrelevant for the corporate community, and even
> it's appropriateness for the internet is becoming questionable....The
> of implementing IPv6 would be tremendous."
> I would like to see who concurrs with this, and the reasoning.
I'm going out on a limb here, but I don't quite agree. First, with
Marcus' statement about IPSec. Building all security into the app is, to
me, a lot more expensive than putting it within the network layer.
Administration will suck, and be expensive. But the benefits of the
security model I think outweigh that.
On IPv6. Inappropriate?? Hardly. IPv4 has way too many drawbacks to it
right now. Security, no support for guaranteed delay, no flow tagging
(well its there but it sucks), unnecessary fields (when not used),
address space is too small and poorly broken up. Look at how some corporate
environments have to play games with network address translation already!
It needs to be fixed. Not in 1997, or even 1998, but I think sooner than
what is realized.