>>>>> On Thu, 17 Oct 2002 10:00:18 +0900,
>>>>> [EMAIL PROTECTED] said:
>> I don't get the sense that we have consensus on this, because some
>> people seem to think that scoped addresses are appropriate for use by
>> general-purpose apps.
>>
>> for instance, there's really no way that an application can effectively use
>> a scoped address in a referral to another host, since the app has no idea
>> whether the host that uses the referral has access to the same scope as
>> the party providing the referral. name-to-address mapping is only one
>> instance of this problem.
> agreed. you can't pass around scoped address across nodes (in general)
> as the view of the scope differs between nodes. i have clearer idea
> on link-locals, but i have almost no solutions against site-locals.
> there are security issues associated with it (attacking other company's
> inside machine using routing header w/ site-local address, and such...).
A tiny clarification (which is not directly related to the topic): the
attacker can't go inside the other sites using a routing header, as
long as the site border router is fully compliant to section 9 of
draft-ietf-ipngwg-scoping-arch-04.txt. (Or perhaps you're assuming
the existence of a non-compliant border router.)
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
