Hi Tony,

Tony Cheneau wrote:
>
> [...]
>
> > The probability that two nodes end up generating the same public-
> > private key should be zero unless the public key scheme is broken, so I
> > think when a node receives a SEND protected message where the public
> > key is the same as its own, the node MUST assume the message was sent
> > by himself and MUST discard the message.
>
> That's another possibility. However, we should be careful that other
> public key schemes are not used. Such as the ring signature algorithm
> proposed in [1] (it's mainly a research paper), but all the nodes will
> share the same Public Key (hence address), and this is an expected
> behavior. One could argue this was useful to solve the ND proxy case
> (which is now solved differently), but I think it might also be a
> solution to anycast related issue SEND.
> To sum up, I'm OK to check for identical Public Keys, but I would
> rather see a comparison on more data (Public Key + Nonce + Timestamp).
> Does that seem reasonable?

Hmm, for anycast there shouldn't be any DAD involved since an inherent
characteristic of an anycast address is that it is shared and therefore
duplicated. So maybe we can specify that a node receiving a DAD NS where
the public key is the same as its own MUST assume the message was sent
by himself and MUST be ignored for the purpose of DAD?

--julien
_______________________________________________
CGA-EXT mailing list
https://www.ietf.org/mailman/listinfo/cga-ext
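
The two comparison rules discussed in this thread, side by side, as an added example that is not part of the original messages or of any SEND implementation. The `DadNs` and `DadListener` names, the field layout, the keys and the address are constructed for illustration, and signature and CGA verification are assumed to have already passed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DadNs:
    """Simplified model of a SEND-protected DAD NS (constructed, not a wire format)."""
    target: str        # tentative address being probed
    public_key: bytes  # public key from the CGA option
    nonce: bytes       # Nonce option value
    timestamp: int     # Timestamp option value

class DadListener:
    """Hypothetical receiver state; signature checks are assumed to have passed."""
    def __init__(self, tentative: str, public_key: bytes):
        self.tentative = tentative
        self.public_key = public_key
        self.sent = set()  # (nonce, timestamp) of probes this node transmitted

    def send_probe(self, nonce: bytes, timestamp: int) -> DadNs:
        self.sent.add((nonce, timestamp))
        return DadNs(self.tentative, self.public_key, nonce, timestamp)

    def classify_key_only(self, ns: DadNs) -> str:
        # Rule: same public key means the NS is our own, ignore it for DAD.
        if ns.target != self.tentative:
            return "unrelated"
        return "ignore" if ns.public_key == self.public_key else "duplicate"

    def classify_key_nonce_ts(self, ns: DadNs) -> str:
        # Variant: ignore only if key, nonce and timestamp match a probe we sent.
        if ns.target != self.tentative:
            return "unrelated"
        own = ns.public_key == self.public_key and (ns.nonce, ns.timestamp) in self.sent
        return "ignore" if own else "duplicate"

def demo() -> dict:
    key_a, key_b = b"constructed-key-A", b"constructed-key-B"
    node = DadListener("2001:db8::1", key_a)
    looped = node.send_probe(b"\x01" * 6, 1000)              # our own NS heard back
    other = DadNs("2001:db8::1", key_b, b"\x02" * 6, 1001)   # different key
    shared = DadNs("2001:db8::1", key_a, b"\x03" * 6, 1002)  # shared-key scheme
    return {name: (node.classify_key_only(ns), node.classify_key_nonce_ts(ns))
            for name, ns in [("looped", looped), ("other", other), ("shared", shared)]}

if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

The two rules agree except in the shared-key case: the key-only rule ignores a probe from a different node holding the same public key, while the key, nonce and timestamp comparison still reports it as a duplicate.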
