[DHT dangers]
I do understand your view. But I don't share it. I am sure someone will sooner or later produce a statistical analysis that can be used to quantify the danger.
Ok there is much more to say about this subject but it's probably better to do that when there is something concrete on the table.
So you're saying: use PI first, PA as fallback?
I am saying that it depends on the application.
No, that's no way to build something reliable. Either you always first do PA and only use the potentially non-routable addresses as a fallback, or you need two faced DNS or complex IGP tricks.
I agree that you need two faced DNS. I don't see any specific reason why you should always do PA first and then PI, or vice versa.
Well, because if you try PA first and use PI only as a fallback you _don't_ need two faced DNS, which I think is evil.
You do feed the DNS names to your applications anyway, and you can do what I proposed (before you have real identifiers), if you wish. That is one reason why I see some value of using PI addresses temporarily (for 3-5 years or so) as identifiers. And that is one reason why I understand that many network managers would like to have them.
Actually I see PA addresses being used in the short term because that makes the transition from existing IPv6 to the loc/id system easier. If you use PI identifiers then legacy hosts can't connect to them. Of course it's also possible to combine the two: use PI and PA. If the PI is outside 2000::/3 then legacy hosts will (mostly...) prefer the PA addresses while the multihoming aware systems can be made to prefer PI. Note that in this case your PI is just as reachable as PA so no need for two faced DNS or anything like that.
Personally, I don't much like PI addresses. IMHO, they seem to create more complications than they solve.
Ever renumber a non-tiny network?
We need to protect the infrastructure. As I wrote, the danger is not that much to the communicating hosts but to the infrastructure.
I'm not sure what you mean. Routers? DNS servers?
All end-hosts and all subnets. Basically, everything.
So you're afraid that when two people communicate without proper security mechanisms in place, others might suffer? I agree that we shouldn't add to existing attack vectors, but I doubt that we can solve this general case here and now. For that, we'd need some kind of system that stops traffic that the destination doesn't want to receive.
an attacker may launch a denial-of-service attack on a given node A by contacting a large number of nodes, claiming to be A, and subsequently diverting the traffic at these other nodes so that A is harmed.
Not really big news. ... But it has nothing to do with multihoming, mobility or IPv6.
It may not be big news, but it was news back when MIPv6 was at the IESG for the first time. And yes, what I am writing about has everything to do with mobility and multi-homing. And perhaps even IPv6.
Hm, I think Smurf attacks were pretty successful in single-homed, fixed-location IPv4 networks.
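The PA-first-with-PI-fallback ordering argued for above, written out as a small Python simulation. This is an added illustration, not code from the thread or from any IETF draft: the addresses are constructed (2001:db8::/32 as the PA block, a placeholder prefix outside 2000::/3 standing in for a PI identifier), and "reachability" is just a set of addresses the client's network can route to.

```python
"""Candidate-address ordering for a host that holds both a PA and a PI address.

Constructed example: shows why a legacy host that prefers 2000::/3 can use the
same DNS answer set as a multihoming-aware host, without two-faced DNS.
"""
import ipaddress

GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")  # what legacy hosts treat as global

# Constructed sample addresses for one dual-addressed server.
PA_ADDR = ipaddress.ip_address("2001:db8:1::10")   # provider-aggregated, inside 2000::/3
PI_ADDR = ipaddress.ip_address("4000:db8:1::10")   # placeholder PI identifier, outside 2000::/3


def is_legacy_global(addr):
    """True if a legacy (non-multihoming-aware) host would treat addr as global."""
    return addr in GLOBAL_UNICAST


def order_candidates(addrs, multihoming_aware):
    """Return the destination list in the order this client would try it.

    Legacy hosts prefer addresses inside 2000::/3, i.e. PA before PI.
    Multihoming-aware hosts are configured to prefer the PI identifier.
    sorted() is stable, so ties keep the DNS answer order.
    """
    if multihoming_aware:
        return sorted(addrs, key=is_legacy_global)                 # PI first
    return sorted(addrs, key=lambda a: not is_legacy_global(a))   # PA first


def connect(addrs, multihoming_aware, reachable):
    """Try candidates in preference order; return (chosen address, attempts).

    `reachable` models which addresses the client's network can route to:
    an external legacy site sees only PA, a multihoming-aware peer sees both.
    """
    attempts = 0
    for addr in order_candidates(addrs, multihoming_aware):
        attempts += 1
        if addr in reachable:
            return addr, attempts
    return None, attempts  # no fallback left


if __name__ == "__main__":
    answers = [PA_ADDR, PI_ADDR]  # one DNS answer set served to everyone
    print(connect(answers, False, {PA_ADDR}))           # legacy: PA on first try
    print(connect(answers, True, {PA_ADDR, PI_ADDR}))   # aware: PI on first try
    print(connect(answers, True, {PA_ADDR}))            # aware, PI unroutable: falls back to PA
```

The legacy client never touches the PI address, so one DNS view serves both kinds of client; the third case shows the fallback cost a multihoming-aware client pays when its PI path is not routable.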
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------