[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HOWTO: Join the 6bone!

Greg Stark <gsstark@MIT.EDU> writes:

> But all Manoj is really saying is we should be careful not to release broken
> packages. Rather he's raising a particular failure mode as something to watch
> for but he's said that in a way that assumes everything ipv6 related is
> probably broken by default, which is kind of annoying.

I think that the "don't turn on IPv6 by default" measure acts in the
long-term disinterest of Debian's security too.  Sure, it's possible
that there would be an IPv6 security-related bug.  But if we turn it
on, we get forced to find and fix them much sooner.  If we leave it
off, then there will be the spectre of lots of such bugs (if there are
lots) which don't get fixed for a long time (until IPv6 is widely

In that scenario, there will be people who say "I want IPv6", and they
can easily turn it on, but because we weren't forced to find and fix
the IPv6 security-related bugs that might be around, they get bitten.

Reply to: