I did not actually attend the IETF meeting but several of my co-workers did attend as we comprise the IPv6 department of our office... I believe the general concensus as it was made mention from the meeting and relavent IETF mailing list discussions was that the ambuquity of scoping was the single most problem. There was no easy way to say where the site-local scope boundaries were. I was just informed the IETF mailing list just reported that the concensus was reached on the list to deprecate site-local... Jeremy On Thu, Apr 10, 2003 at 08:56:22PM +0300, Kalle Olavi Niemitalo wrote: > "Jeremy T. Bouse" <jbouse@debian.org> writes: > > > Yes, at the most recent IETF IPv6 work group meetings in > > San Francisco it was finally determined that site-local was to > > be deprecated. > > Why is that? I find site-local addresses quite convenient for > access control. I have one machine with a public dynamic IPv4 > address. It then advertises 6to4 and site-local prefixes to a > few other machines in my local network. I have set these other > machines to accept connections from site-local addresses only. > This is pretty safe as the gateway filters those addresses in > both directions. I can't easily put global addresses in > hosts.allow because the prefix can change at any time.
Attachment:
pgpqJAUq8gHdF.pgp
Description: PGP signature