Anonyma (anon-bounces@deuxpi.ca) wrote:

> IMO OpenBSD will be far more secure when there IS an easy way to disable
> all IPv6.

Helmut Schneider wrote:

" Yes, and even much more secure if we could remove the ip stack at all. "




Very astute observation Helmut , I assume you are referring to the fact that
" ip 0 IP HOPOPT # internet protocol, pseudo protocol number "
as listed in /etc/protocols , cannot be disabled/filtered on OpenBSD systems.


As far as I am aware IP is not required to network computers.


I commend you on your modular thinking ; who would not wish to disable IP if
it played no part in their networking?


I amend my previous comments , IMO OpenBSD would be more secure if all networking
components were modular and could be individually disabled (via sysctl settings ,
perhaps?) if they were not required by an individual user.


In future , when IPv4 has been replaced , would it not be better if IPv4 was modular
and could be easily disabled if not required?


I regularly transfer quantities of milk into and out of my refrigerator , but I would
prefer to not refer to it as being my "Milk Stack". If OpenBSD's networking components
could be modularized , perhaps what was once an "IP Stack" would evolve to become a
"Networking Stack". I would prefer to have a Networking Stack , given a choice.


I'm entitled to my opinion , as you are to yours.


An Odd User.

Anonymous wrote:
> Anonyma (anon-bounces@deuxpi.ca) wrote:
[...]
> I regularly transfer quantities of milk into and out of my refrigerator , but I would
> prefer to not refer to it as being my "Milk Stack". If OpenBSD's networking components
> could be modularized , perhaps what was once an "IP Stack" would evolve to become a
> "Networking Stack". I would prefer to have a Networking Stack , given a choice.
>
I give up.