> % > % Yes, there are security issues, but no worse than > non-well-known address > % methods. > > hogwash. if one expects DNS servers to always be available > at, for example, fe80:dead:beef::53, then -anyone- can make > a server available at that address, not just the site admin.
=> Ah, and if you always expect a relay agent to be available at a reserve link local address, anyone can hijack this address. The same goes for any reserved address until ND is secured. As for the site-local address for DNS discovery, yes you can install a server on that address, but how do you reach it? Hopefully not anyone can inject a route for it, otherwise we're in much deeper trouble than hijacking a DNS address. Hesham -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
