Hi Pekka, > I agree with you that the "bit method" is not a good method. > On the effective value of the method I have to *disagree*, though. > There is, however, a need to divide the IP addresses into two > sets: > > 1. Addresses for which CGA (or something similar) is *required*. > > 2. Addresses for which CGA (or somethign similar) is not used > or is optional.
My understanding of this entire discussion was that the "bit method" was more along these lines: 1. Addresses for which something stronger than Return Routability is needed. 2. Addresses for which Return Routability is sufficient. I thought that further study on CGA was needed, in order to get consensus on if the protection it provides is sufficient. One comment I would like to make about this topic, which I don't think has been addressed (no pun intended), is that this 'bit method' for addresses essentially can identify nodes which are 'potentially' mobile. I am not a security expert, so this may not really be a threat, but my feeling is that most mobile devices will probably be small devices, that are battery/processor/l2 (i.e. wireless) limited devices. By identifying nodes this way, do we open up the possibility for addition DoS attacks (small device with limited processor, battery & bandwidth capacity) is more susceptible to flooding attacks. Is this an issue? thanks, John -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------