> > Applying IPsec doesn't help solve the authorization issue of who
> > should be allowed to receive packets sent to a particular anycast
> > address.
>
> Can you tell me any address or type of address for which that is an
> objective either of internet routing or addressing?
>
It is possible to determine authorization to use an address with CGA. RFC
3972 describes how to construct a CGA and its security properties, RFC 3971
describes how to use them to secure the resolution of link addresses to IP
addresses in Neighbor Discovery (i.e. SEND). There is also an individual
draft that describes how to use CGAs for securing Mobile IPv6 binding
updates (grep for "OMIPv6").
jak
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
