This page contains information about bringing IPv6 support to CAcert.

Making CAcert services available over IPv6

Connectivity

At the moment (2009), there is no IPv6-capable VServer kernel available from Debian. Until there is, a solution could be to have a router use a combination of 6to4 and port-forwarding to reach the IPv4-only VServers.

The following /48 has been assigned to Oophaga/CAcert: 2001:7b8:616::/48

For the interconnection, 2001:7b8:3:9c::/64 has been asssigned.

The status of the IPv4 and IPv6 protocols on CAcert servers

Date: 20160418

The table displays the CAcert servers' ability to use the IPv4 + IPv6 protocols.

Server

IPv4

IPv6

www.cacert.org

x

x

secure.cacert.org

x

x

ocsp.cacert.org

x

x

crl.cacert.org

x

x

translations.cacert.org

x

-

svn.cacert.org

x

-

wiki.cacert.org

x

-

cats.cacert.org

x

-

bugs.cacert.org

x

-

lists.cacert.org

x

-

blog.cacert.org

x

-

irc.cacert.org

x

-

test.cacert.org

x

-

issue.cacert.org

x

-

infradocs.cacert.org

x

-

Once the connectivity issues are sorted, the rest should be a lot easier

Website

Apache runs fine on IPv6, as long as the vhosts are defined properly.

DNS

BIND has IPv6 support and can provide AAAA records.

Email

Postfix supports IPv6 and of course TLS (in opportunistic mode among other things).

There are probably several IPv6-capable POP/IMAP servers out there. Dovecot is one of them, and it has the advantage of providing SASL to postfix.

Being able to process IPv6 for certificate requests

Named certificates are not a problem. OpenSSL supports IPv6 addresses in the CN from version 0.9.8 upwards


IPv6 (last edited 2016-09-12 10:17:37 by AlesKastner)