On Mon, 3 Dec 2001, Vijay Devarapalli wrote: > > > The requirement that Home Address Option MUST be processed is nothing new; > > > it's a requirement for every IPv6 node as currently being specified. > > > > Right, and this was what we've stated in earlier versions of the draft. A > > note was, however, added to the latest version of our draft to indicate > > that the Mobile IP WG is presently discussing what to do with the Home > > Address Option and whether there are security issues in that as well > > (as there were other security issues in the Binding Update Option). > > The above sentence needs to be put in a certain perspective. > I think it is wrong it say the Mobile IP WG is wholeheartedly > discussing this issue. It is more like that this issue has been > forced upon the Mobile IP WG (like certain other security issues > it was never meant to solve). And most people (who worked on > Mobile IPv6 implementations for years) dont take part in these > discussions either. We implementors (I can speak for a few people) > were quite happy with Home address option, BU option and > IPSec (we made it work with Mobile IPv6), until things started > going wrong from December 2000 IETF onwards.
<semi-rant> Wouldn't it be nice if one would be allowed to specify insecure behaviour, and in addition, making it a MUST implement (HAO) or a SHOULD (BU) for every IPv6 node? Without regard for consequences? "Stationary nodes are not our problem.. they aren't mobile"? Some might say: feel free to break MIPv6 -- it's your baby after all -- but don't break IPv6 in the process too, please. </rant> -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------