Seems like all German accounts with 8-digit phone numbers are missing. Only 7-digit number accounts are shown.
Some use it because it simplifies load balancing if you're thinking network-design in an IPv4-way.
Yes. It offers better scalability! E.g. at my university, our institute has its own IPv4 /24. That means a maximum of ~253 or so devices. We have exhausted that number and for every new client, an old one has to go. Now…
He didn't say "all", he said "many". And that is factually right. Many ISPs use DSLite/CGNAT and don't hand out public IPv4 addresses to their customers anymore. Yes, some offer the option to change to a public IPv4,…
Yes, it seems like it is behind the times. It doesn't matter much at the moment, as there are no real IPv6-only services of relevance (unless you need to connect to the private IPv6-only NAS of a friend or sth like…
But you don't need PTR in any of these steps.
That just proves you haven't understood IPv6 yet. ULA addresses make it much easier, e.g. fd00::1 or fd00:2 (though this is bad practice, should be fdxy:zvwx:xyzw, xyvwz being random).
So same trust you put in any 3rd party DNS service. But I agree there's less contractual bindings to this service than an account somewhere that you even might pay some money for it.
Their business seems to lie elsewhere. This appears to be a minor service they offer free of charge to the IPv6-interested community, maybe to promote IPv6 usage.
No, I am not affiliated with them (though we follow each other on Twitter). My point is, I don't see any security implication involved with a wrong PTR record in relation to this service. If I set the PTR of my IP to…
But if they point to a new IP, the other IP's PTR is useless.
And then they have a certificate. What are they going to do with it? It's still not installed on your server.
How is that dangerous? If you don't "own" the IP, you can't add PTR for it.
Yes, you are missing something: S3 bucket resolves to Amazon's servers. <ipv6>.has-a.name resolves to the ip address specified in <ipv6>. You will have to install the certificate on the actual server that serves the…
Same/similar working mechanism is built-in into Windows since Vista: 1234-5678--abcd.ipv6-literal.net This doesn't even need functioning DNS and can work offline (add s<devnumber> for link-local addresses).
Seems like all German accounts with 8-digit phone numbers are missing. Only 7-digit number accounts are shown.
Some use it because it simplifies load balancing if you're thinking network-design in an IPv4-way.
Yes. It offers better scalability! E.g. at my university, our institute has its own IPv4 /24. That means a maximum of ~253 or so devices. We have exhausted that number and for every new client, an old one has to go. Now…
He didn't say "all", he said "many". And that is factually right. Many ISPs use DSLite/CGNAT and don't hand out public IPv4 addresses to their customers anymore. Yes, some offer the option to change to a public IPv4,…
Yes, it seems like it is behind the times. It doesn't matter much at the moment, as there are no real IPv6-only services of relevance (unless you need to connect to the private IPv6-only NAS of a friend or sth like…
But you don't need PTR in any of these steps.
That just proves you haven't understood IPv6 yet. ULA addresses make it much easier, e.g. fd00::1 or fd00:2 (though this is bad practice, should be fdxy:zvwx:xyzw, xyvwz being random).
So same trust you put in any 3rd party DNS service. But I agree there's less contractual bindings to this service than an account somewhere that you even might pay some money for it.
Their business seems to lie elsewhere. This appears to be a minor service they offer free of charge to the IPv6-interested community, maybe to promote IPv6 usage.
No, I am not affiliated with them (though we follow each other on Twitter). My point is, I don't see any security implication involved with a wrong PTR record in relation to this service. If I set the PTR of my IP to…
But if they point to a new IP, the other IP's PTR is useless.
And then they have a certificate. What are they going to do with it? It's still not installed on your server.
How is that dangerous? If you don't "own" the IP, you can't add PTR for it.
Yes, you are missing something: S3 bucket resolves to Amazon's servers. <ipv6>.has-a.name resolves to the ip address specified in <ipv6>. You will have to install the certificate on the actual server that serves the…
Same/similar working mechanism is built-in into Windows since Vista: 1234-5678--abcd.ipv6-literal.net This doesn't even need functioning DNS and can work offline (add s<devnumber> for link-local addresses).