Hi Pekka,
> I agree with you that the "bit method" is not a good method.
> On the effective value of the method I have to *disagree*, though.
> There is, however, a need to divide the IP addresses into two
> sets:
>
> 1. Addresses for which CGA (or something similar) is *required*.
>
> 2. Addresses for which CGA (or somethign similar) is not used
> or is optional.
My understanding of this entire discussion was that the "bit method"
was more along these lines:
1. Addresses for which something stronger than Return Routability
is needed.
2. Addresses for which Return Routability is sufficient.
I thought that further study on CGA was needed, in order to get consensus
on if the protection it provides is sufficient.
One comment I would like to make about this topic, which I don't think
has been addressed (no pun intended), is that this 'bit method' for addresses
essentially can identify nodes which are 'potentially' mobile. I am not a
security expert, so this may not really be a threat, but my feeling is that
most mobile devices will probably be small devices, that are
battery/processor/l2 (i.e. wireless) limited devices. By identifying
nodes this way, do we open up the possibility for addition DoS attacks
(small device with limited processor, battery & bandwidth capacity) is
more susceptible to flooding attacks. Is this an issue?
thanks,
John
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
