Some respected members of our community dismiss DNSSEC. This video of DJB presents an opinion: DJB at 27C3
Functionally, companies in the United States block Al-Jazeera. I challenge you to actually watch their CNN-like feed on your local cable station. The best I can do is their half-hour daily news program broadcast alongside BBC America and (that wretched) RT News on KCET in Los Angeles; today I consider Al-Jazeera's reporting premeir among broadcast television.
We at slashdot all know it's easy to intercept and redirect DNS (unless you're in Sweden, those fine adopters of DNSSEC), or insert in a transparent Squid/whatev with a hosts file, but I'm confident at least they're probably not using Websense, years ago I installed the mod_geoip ruleset to deny access to daily updates for requests originating from embargoed nations.
Last time I was in Syria Facebook was blocked at the port 80 level. But ssh forwarding 3128 worked fine, hopefully no one was etherealing 53. Funny it took Syria three years to finally ban iPhones, I lost a brand-new 3G getting out of a taxi in Damascus... the one time I didn't photograph the license plate of the car I was getting into.
Seeing "Persian" instead of "Farsi" struck me as odd, but I suppose I'm the odd one.
I mention an encouragement for adoption because remaining with IPv4 works against both our interests, yours in the continuing innovation -- we can't have IP-next-next-gen until we have an IPng network that bests the legacy IPv4 -- and mine in restoring the Internet to its peer-to-peer model.
"Privacy Extensions" address your concern about trackable addresses in IPv6. Browser cookies are a much greater threat to personally identifying a unique machine as it moves from location to location but nonetheless Windows by default enables the generation of a random host address and on linux grep sysctl to enable temp_addr.
IPv6 dual-homing was still in progress.
I had IPv6 BGP with PI space in late 2006, so... uh...
I'll also add two comments concerning stagnation of technology. 1) MAC Addresses haven't changed in a long time. Yet Ethernet continues to advance, from coax to twisted pair, wireless, and fiber and from a bus to hubs then switches and now L3 switches. (although where are my end-to-end Jumbo Frames already?). A capable foundation does not hinder innovation. 2) Globally unique addresses in applications are the key. Returning the Internet to its mid-90s status quo of every host being a unique peer enables technologies that are simply painful to adopt today, like SIP communications or IPsec between islands of NAT. So we have created an inefficient clientA-server-clientB bandage so people can send each other images in IMs or actually use their webcams. Once the software developers (yes, they're part of my presentations) grasp the advantages of IPv6 I can't even imagine the wonderful new ideas they'll deliver.
IPv4 is simply unsustainable: at some point we'll simply run out of ports per IP to use for PAT. IPv6 has enough addresses to last effectively forever, through the lifetimes of people born today. Versus the status quo, where each person on earth has about half of an IP address if you consider the overhead of VLSM, not enough to cover my mobile phone, my SIP phone, my iPod, my iMac, my MacBook, my colocated servers, nevermind all the nerds in India or China... Would people adopt IPv6 faster if they saw it as a matter of social justice and equal access to technology for all the children of the earth?
(P.S. Everyone please hire me and some of my friends to teach IPv6 classes at your organization and organize your deployment. Thanks)
Not counting network addresses, broadcast addresses, and all the CIDR things.
Why do I deserve globally routable addresses but other people don't?
I mean, people, hire me and smash and the other under-modded smart people, we'll teach a class Friday, configure your routers on Saturday, check out the hosts on Sunday, and take the phone calls on Monday. This isn't rocket science (except for HSRPv2, so let's all use GLBP instead). Mainly you'll notice... IPv4 still works like it did on Friday. But all your google traffic, software downloads, and dns... IPv6 in the logs now.
conf t
ipv6 unicast-routing
int vlan 666
ipv6 addr 2001:db8:db8:666::1/64
ipv6 router ospf 65066
network 2001:db8:db8::/48
Some devices need:
sdm prefer dual def
wr me
reload
Sooooo haaarrrrrrrdddd omgosh.
He has not acquired a fortune; the fortune has acquired him. -- Bion