While I recognize that automagically finding resolvers can be quite important, I think that WKAs have already been proven to be not a dead end, but a velodrome from which you cannot escape, and where you just have to pedal faster and faster.
Do you have any pointers for this?
1) A client system shouldn't spew packets (DNS or other) on any other host, without local configuration to make it do so - preferably through a local configurations service such as DHCP.
Why do you feel so strongly about this?
I would be perfectly fine with stipulating that these addresses shouldn't be hardcoded by vendors, but rather specifically configured by end-users or their system administrators. Since these addresses will disappear in 2 years, hardcoding them would be counterproductive anyway.
I really dislike a system where I or my ISP can be forced into starting an anycast instance just to balance the traffic and make sure that the service to the "local" clients is up to standard.
I don't see how you would be forced to start an anycast service. And if you were so forced, this means there is no uptake of a "real" DNS resolver discovery mechanism, so the alternative would be that users either have no resolvers, or have to find them manually. Both seem infinitely worse than any inconvenience caused by the well-known addresses.
Things shouldn't be turned "on" by default on the Internet, they should be turned "off". Otherwise you stand the risk of ending up like Windows, where every bell and whistle is turned on by default - open for each and every cracker to take advantage of. Automagically having them turned "on" also puts you in an awkward position from a legal standpoint:
E.g., in court:
Party1: "You keep bombarding me with traffic!"
Party2: "I haven't turned on anything such, so it can't be my fault!"
I'm sorry, I don't find this argument convincing.
2) Locking these well known addresses into systems is likely to cement the use of 6bone addresses in a way that we *REALLY* don't want to.
3ffe::/16 is going to be unusable anyway for years to come because of stray configuration that has to be cleaned up. And it's not like we're running out of IPv6 address space any time soon...
3) I think it opens up a Pandora's box of security issues that I, for one, don't want to touch even with my thickest gloves.
Like what?
DHCP is the way to go. It's there, it works, it's been proven to fit into really small appliances.
Do you REALLY want to get into this on this list?
Even if for the sake of argument it would be a good idea to run DHCP everywhere (which it isn't), then we still have the problem that some significant operating systems currently don't support it and don't allow the user to add such support easily.
Please understand that this is an experiment. It won't break the internet.
