[ppml] IPv6 addresses really are scarce after all

[michael.dillon at bt.com]

> Subnetting 
> a house to prevent sniffing? That will be reserved for the 
> households headed by Mensa members, and or/ IT professionals 
> who use encryption on their online banking sessions anyway. 

*WILL* be reserved? You are remarkably optimistic that people will
continue to tolerate weak IT security on their home systems. As the
number of horror stories about identity theft continues to climb, some
companies will sense a demand for better security and will begin to
supply it. I want IPv6 address assignments to SUPPORT those new
businesses, not act as an anticompetitive barrier to entering the
market. That is called addressing stewardship.

> Besides, if someone in the house want the online banking info 
> - they'll just go get the bankcard from the parent's wallet - 
> then they'll have what they need to just reset the password 
> themselves.

It's been about 10 years since I last did Internet banking in the USA
with Bank of America, but I'm pretty sure that my banking password was
*NOT* written on my debit card. Currently, I bank with a major British
bank and I need my surname, the account number written only on my
statements, a PIN code of more than 4 digits, and two random letters
from a secret word which is entered by selecting from a drop-down list.
Even a keylogger would need to record several sessions in order to get
enough letters from the secret word. Of course a teenager at home,
sniffing network every time the bills are paid, would easily be able to
get all of this, but the only one of the 4 data items in my wallet is my
surname.

> Laptop to the bathroom for porn... 
> that made me lol. If they want that - they'll probably use 
> their mobile broadband connection, rather than try to log on 
> to the local wireless network. Of course, if my houseguest is 
> taking a laptop to the bathroom - I'm going to be asking 
> "What's up?" anyway.

You monitor house guests that closely? Pat them down looking for pocket
computers before letting them in the john? Basically, I am talking about
someone hijacking the wireless connection to access illegal content.
Since the signal is strongest in the house, especially if you use that
WiFi barrier paint, and the police won't see you doing it inside, I
expect that the subset of the population who is driven to access this
stuff, will start doing it at dinner parties. Unless, of course, you
have the wireless connected to a router/firewall that is centrally
managed so the teenagers can't bypass it.

> No. People won't do that. Getting people to put WEP / WPA on 
> their access points is hard enough. Firewall and password is 
> all we can hope for there.

People won't do it, but businesses will offer packages which do this,
either home networking hardware packages or after-sales installation and
setup service.

But the bottom line is that if you cannot imagine things being
different, others can. And the IPv6 addressing architecture and RIR
policies must serve both you and the creative dreamers.

--Michael Dillon