Hello,
In your IESG comments on draft-ietf-ipv6-rfc2462bis-07.txt, you said:
> Was there an analysis of the configuration consistency rule
> (section 5.6) of accepting the most recent information, while
> trying to secure both DHCPv6 and ND/addrconf (SEND)?
As far as I know, there was no such analysis. But honestly speaking,
I don't understand the point of the question. In my understanding,
this rule is not for security, but about how to deal with
configuration errors of servers/routers. Whether or not ND is secured
with SEND and/or DHCPv6 is secured with its authentication mechanism,
inconsistency due to configuration errors can happen, and the same
rule should apply (as described in Section 5.6) in that case.
Does this simple answer address your question? If not, please explain
the point (that I could not understand). If it does, do you want to
update the draft regarding this issue? E.g., do you want to emphasize
that this is not for security and the rule should apply whether or not
ND/DHCPv6 is secured? Or can we just leave the text as is?
Thanks,
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
