I missed what looks like quite an interesting talk by Mike Warfield at the TERENA on the security implications of IPv6. For me, one of the most interesting points is that if you don’t block IPv6 in your network then it will creep in because of users or attackers making use of it.
This is very similar to a point we included in a report on WiFi in Dublin 2002: IT departments will have to provide WiFi ‘cos if they don’t users will just plug in access points. I’ve seen this proven true in several situations since and so I still think it is good advice.
Mike Warfield goes one step further though. He points out that providing IPv6 is a lot easier than blocking it because there are so many ways to get IPv6 connectivity, thus the best path for IT providers is to start providing IPv6 connectivity that they can at least monitor and control.
(You can get the slides on the TERENA site. They may make the webcast available later.)