On Mon, Jun 22, 2009 at 3:09 PM, Tyler Close<tyler.close@gmail.com> wrote: >> Why do you assume my router has a private IP address? > > Because it does? I've used several networks that used several networks that used public IP addresses behind firewalls and that relied on connectivity security. If I recall correctly, the network at the computer science department at Stanford is configured this way and they use connectivity to control access to their printers. In any case, I don't think it's a robust assumption for the future of web security. What happens when IPv6 causes every toaster to have a public IP address? >> It seems fragile and magical to hang our hat on that for security. > > No more fragile and magical than a home router hanging its hat on > connectivity for security. Now we're going in circles. I've given you a number of use cases where connectivity security makes sense. You alternatively insist that (1) connectivity / IP-based authentication is a fragile/bad idea and (2) that you aren't insisting that! > That's not an accurate portrayal of my argument. Try again. Can you explain your argument in simple steps like the above? I clearly don't understand your position. AdamReceived on Monday, 22 June 2009 22:25:42 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:11 GMT