Erik Nordmark wrote: > I think that might be a reasonable middle ground. It would still make it > harder than in IPv4 to explore all hosts, yet one can have e.g. SNMP > access to a local agent on the link that provide this (with appropriate > SNMP security) to allow remote management. > > Elsewhere I've run into the management need to find a particular host > from knowing only its MAC address. The suggestion to have INVARP would > help with that subproblem.
I agree that the security issues here are great, and that there is a need in the Management world for this feature. If you could limit this to an SNMP v3 secure function and not a IPv6 function then maybe we could work this out within the security concerns of all involved. But that is a different WG (I think that the SNMP v3 WG was closed down last year) so I would be real careful in how we proceed. Eric -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------