Re: IPv6 in network-manager-openvpn

From: Tore Anderson <tore fud no>
To: Dan Williams <dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: IPv6 in network-manager-openvpn
Date: Mon, 26 Aug 2013 20:28:08 +0200

* Dan Williams

The assumption here is on the side of security, that it's better to send
all traffic to the VPN and fail, than it is to send your traffic over
un-encrypted links when a VPN is supposed to be active and you think
things are encrypted.


That's a pretty good argument for merging these patches, actually. Right
now all IPv6 traffic will go unencrypted, even though the VPN is
perfectly capable of routing IPv6 to all or parts of ::/0. For me, this
merely an annoyance (I always have to do "ssh -4 some.work.system"
because IPv6 just times out), but for others this may be a big privacy
problem, e.g. as reported here:
http://torrentfreak.com/huge-security-flaw-makes-vpns-useless-for-bittorrent-100617/

Tore

References:
- IPv6 in network-manager-openvpn
  - From: Nicolas Iooss
- Re: IPv6 in network-manager-openvpn
  - From: Dan Winship
- Re: IPv6 in network-manager-openvpn
  - From: Nicolas Iooss
- Re: IPv6 in network-manager-openvpn
  - From: Dan Williams
- Re: IPv6 in network-manager-openvpn
  - From: Tore Anderson
- Re: IPv6 in network-manager-openvpn
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]