Keith Moore wrote: >>First, it turns out that return routability _is_ strong enough to >>correspond roughly to the (current) security of the IPv6 Internet. > > I don't doubt that. But then why are we worrying about MitM attacks > in one case and not in the other?
Are you asking why we worry about MitM for RR but not for the stronger cases? Well, one answer is that there is a difference in the security level of RR and CGA, as an example. But the main worry is that if we happen to succeed in improving the overall security of IPv6 in the future, RR might became the weakest link. The link that I gave you make a security analysis as a "diff" to the current situation, and if the current situation changes... Anyway, this volume of e-mails on this thread is tiring at least myself and perhaps we should just end this discussion for now as we don't appear to be on a path to consensus. It's probably best to get the mentioned draft out, and deal with all the points that have been raised, and then get back to the issue. Jari -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
