> > However, what Erik and the MIPv6 Design Team suggested is that > > the "bit" is *reserved* at this time for future use. > > I think that's the wrong way to solve the problem. > > either host A reliably knows the address of host B, or it doesn't. > > reliably knowing the address of host B implies either prior > configuration of A, or DNSSEC. even the latter requires prior > configuration of A to know DNSSEC keys or certs that allow it > to verify DNSSEC sigs on B (the idea that just having the root > keys will be sufficient to verify B's address is just fantasy). > > without A reliably knowing B's address, any scheme whose security > depends on a bit from B's address is defeatable by a MitM.
=> How can yahoo.com reliably know any possible client?? Hesham -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
