I have some comments about Section 3.2.1 (Centrally Assigned Global IDs)

1. I don't understand the necessity for the requirement to generate IDs consistent with [RANDOM]. The IDs need to be unique and sufficiently "randomized" (one could argue how important this need really is) so that there is no plausible way to aggregate them. I don't think it is necessary to be unable to guess the date or relative order in which a particular ID was allocated, however.

2. I don't find the argument for a single allocation authority compelling. It is still possible for a single authority (i.e., IANA) to delegate blocks of the global ID space to multiple registries. The naive way would be to delegate lists of random numbers generated by IANA. A more elegant way would be to delegate ranges in the sequence space of a non-repeating PRNG (e.g., maximal period 40-bit LFSR). Note that the requirement (1) above precludes this latter method.

3. I don't believe it is essential to have alternative registration methods besides web and e-mail. Anyone can establish a new network using only PA addresses (and locally assigned local IDs if necessary) before acquiring a "centrally assigned" local ID. One could also ask a friend with connectivity, or go to a local library. Requiring non-automated means of registration significantly drives up the allocation cost.

4. I don't believe that it is necessary for the allocation registry to escrow each allocation; I think it is sufficient for the allocation recipient to do so. In a dispute one can prove that he or she owns an allocation by producing a non-repudiatable (e.g., signed) message from a registry. The registries would only have to escrow their public keys.

5. I don't believe that the 10 euro fee is appropriate. I suspect that the cost to collect the money is substantially higher than the cost to manage the registry infrastructure, especially if the requirements are relaxed sufficiently such that the process can be fully automated. Although I'm not volunteering to foot the costs of a registry myself, I suspect sponsors could be found to operate them.

6. I believe a centralized registry is more susceptible to a DoS attack.

Regards,

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Steven L. Blake <[EMAIL PROTECTED]>
Ericsson IP Infrastructure +1 919-472-9913
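Added example (not part of the original message or of the draft under discussion): a sketch of the delegation scheme described in point 2, where each registry receives a range of positions in a 40-bit LFSR sequence and jumps directly to the start of its block. The feedback polynomial (a commonly tabulated 40-bit tap set, assumed here to be maximal-length), the function names, and the block sizes are all assumptions made for illustration.

```python
# Illustration only: names, polynomial and block sizes are assumptions.
N = 40
# Assumed feedback polynomial x^40 + x^38 + x^21 + x^19 + 1.
POLY = (1 << 40) | (1 << 38) | (1 << 21) | (1 << 19) | 1

def step(s):
    """Advance one position: multiply the state by x modulo POLY."""
    s <<= 1
    if s >> N:
        s ^= POLY
    return s

def mulmod(a, b):
    """Carry-less product of a and b in GF(2)[x], reduced modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = step(a)      # a * x, kept reduced below 2^40
        b >>= 1
    return r

def state_at(k):
    """State at sequence position k, i.e. x^k mod POLY, by square-and-multiply."""
    result, base = 1, 2  # 1 encodes x^0, 2 encodes x
    while k:
        if k & 1:
            result = mulmod(result, base)
        base = mulmod(base, base)
        k >>= 1
    return result

def delegated_ids(start, count):
    """Yield the IDs of the delegated block [start, start + count)."""
    s = state_at(start)
    for _ in range(count):
        yield s
        s = step(s)

if __name__ == "__main__":
    # Constructed delegation: registry A gets positions 0..999, B gets 1000..1999.
    a = list(delegated_ids(0, 1000))
    b = list(delegated_ids(1000, 1000))
    print("overlap:", len(set(a) & set(b)))
    # Anyone holding one ID can compute its successor, which is the
    # ordering leak that requirement (1) in the message rules out.
    print(hex(a[10]), "->", hex(step(a[10])), "==", hex(a[11]))
```
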