Erik, > Erik Nordmark wrote: > I don't think an identifier is necessary in every packet. > But I do think it makes sense to have a shim layer above IP which > uses locators in the packets below (for IP's routing) and presents > fixed length identifiers in the pseudo-headers passed to/from the > upper layer protocols. > The reason having identifiers in every packet isn't useful is that > if you want to avoid facilitating redirection attacks of packet flows, > then the receiver needs to verify at some level the relationship between > locators and identifiers. The state (which can be soft-state created > dynamically using a protocol similar to MAST) needed for this > verification allows the receiver to recreate a packet with the same > identifiers as what was sent by the peer ULP. Thus between the ULPs the > shim provides a service which passes what looks like packets containing > 128 bit identifiers, even though on the wire the packets have 128 bit > locators.
You just described MHAP. Michel. -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------