I have some comments about Section 3.2.1 (Centrally Assigned Global IDs):

1.  I don't understand the necessity for the requirement to generate IDs
    consistent with [RANDOM].  The IDs need to be unique and 
    sufficiently "randomized" (one could argue how important this need 
    really is) so that there is no plausible way to aggregate them.  I
    don't think it is necessary to be unable to guess the date or
    relative order in which a particular ID was allocated, however.

2.  I don't find the argument for a single allocation authority
    compelling.  It is still possible for a single authority (i.e.,
    IANA) to delegate blocks of the global ID space to multiple
    registries.  The naive way would be to delegate lists of random
    numbers generated by IANA.  A more elegant way would be to delegate
    ranges in the sequence space of a non-repeating PRNG (e.g., maximal
    period 40-bit LFSR).  Note that the requirement (1) above precludes
    this latter method.

3.  I don't believe it is essential to have alternative registration
    methods besides web and e-mail.  Anyone can establish a new network
    using only PA addresses (and locally assigned local IDs if
    necessary) before acquiring a "centrally assigned" local ID.  One
    could also ask a friend with connectivity, or go to a local library.
    Requiring non-automated means of registration significantly drives
    up the allocation cost.

4.  I don't believe that it is necessary for the allocation registry to
    escrow each allocation; I think it is sufficient for the allocation
    recipient to do so.  In a dispute one can prove that he or she owns
    an allocation by producing a non-repudiable (e.g., signed) message
    from a registry.  The registries would only have to escrow their
    public keys.

5.  I don't believe that the 10 euro fee is appropriate.  I suspect that
    the cost to collect the money is substantially higher than the
    cost to manage the registry infrastructure, especially if the
    requirements are relaxed sufficiently such that the process can be
    fully automated.  Although I'm not volunteering to foot the costs
    of a registry myself, I suspect sponsors could be found to operate
    them.

6.  I believe a centralized registry is more susceptible to a DoS
    attack.


Regards,

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Steven L. Blake               <[EMAIL PROTECTED]>
Ericsson IP Infrastructure                +1 919-472-9913


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
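
The delegation scheme in point 2 of the message above, as an added example that is not part of the original message or of the draft under discussion: ranges of positions in a maximal-period 40-bit LFSR sequence are handed to registries, and each registry jumps straight to the start of its range instead of walking the sequence. The tap polynomial, the function names and the equal four-way split are assumptions made for illustration.

```python
# Added example. Tap polynomial, names and the registry split are assumptions.
# Galois LFSR over GF(2): one step is "multiply by x mod POLY", so position k is x^k.
DEG = 40
POLY = (1 << 40) | (1 << 38) | (1 << 21) | (1 << 19) | 1  # published 40-bit tap set
PERIOD = (1 << DEG) - 1
PRIME_FACTORS = (3, 5, 11, 17, 31, 41, 61681)  # prime divisors of 2^40 - 1

def step(s):
    """Advance one position in the sequence."""
    s <<= 1
    return s ^ POLY if s >> DEG else s

def mulmod(a, b):
    """Carry-less product of a and b, reduced modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = step(a), b >> 1
    return r

def state_at(k):
    """State at position k (position 0 is state 1), by square-and-multiply."""
    result, base = 1, 2  # 2 encodes the polynomial x
    while k:
        if k & 1:
            result = mulmod(result, base)
        base, k = mulmod(base, base), k >> 1
    return result

def is_maximal():
    """True when x has order exactly 2^40 - 1: every non-zero ID occurs once."""
    return state_at(PERIOD) == 1 and all(
        state_at(PERIOD // q) != 1 for q in PRIME_FACTORS)

def delegate(n_registries):
    """Split the period into contiguous, non-overlapping position ranges."""
    size = PERIOD // n_registries
    return [(i * size, (i + 1) * size) for i in range(n_registries)]

def ids_for(position_range, count):
    """First `count` global IDs of a delegated range, as 10 hex digits each."""
    start, end = position_range
    if count > end - start:
        raise ValueError("range exhausted")
    s, out = state_at(start), []
    for _ in range(count):
        out.append(f"{s:010x}")
        s = step(s)
    return out
```

IDs inside one range are consecutive LFSR states, so their relative allocation order is predictable, which is the property the message says requirement (1) rules out.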