[clug] IPv6 security and features

Paul TBBle Hampson Paul.Hampson at Pobox.com
Mon Dec 1 05:27:43 GMT 2008

On Fri, Nov 28, 2008 at 11:35:05AM +1030, Paul Wayper wrote:
>  Apropos of my talk last night on IPv6,
>  I read from Linux Weekly News (article at
> http://www.gcn.com/online/vol1_no1/47656-1.html) [1] that the US
> Department of Defence has officially certified the Linux
> implementation of IPv6 as complying to all the requirements of IPv6. 
> That means that the security extensions and various other non-core
> parts of IPv6 are now correct in Linux; this is important for getting
> any machine into DoD.  So maybe the talk of the protocol stacks being
> only partially complete is a bit outdated!

I just had a look at the testing results for RHEL (SuSE's was similar)
and it's not much more than a bare pass. All the musts and some of the
shoulds were hit, but almost all the optionals were untested.

So there's still a long way to go, although I do admit that many of the
optionals are probably supported but weren't specified as such in Red
Hat's letter of conformance. (I dunno if RHEL for example includes the
Mobile IPv6 work in their distribution, but it's out there for years
now... And maybe not updated in years, mobile-ipv6.org has patches for

I do like that the status reports is organised by RFC, that's pretty
reassuring. (As opposed to "does it work with what our existing
equipment implements")

More interesting though is that only two appliations have been certified
so far, Microsoft Outlook 2003 and Internet Explorer 7. Mozilla
foundation really ought to get their butts in gear on this one...

Paul "TBBle" Hampson, B.Sc, LPI, MCSE
Very-later-year Asian Studies student, ANU
The Boss, Bubblesworth Pty Ltd (ABN: 51 095 284 361)
Paul.Hampson at Pobox.com

Of course Pacman didn't influence us as kids. If it did,
we'd be running around in darkened rooms, popping pills and
listening to repetitive music.
 -- Kristian Wilson, Nintendo, Inc, 1989

License: http://creativecommons.org/licenses/by/2.5/au/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20081201/7538d3fe/attachment.bin

More information about the linux mailing list