Hi Hesham, Hesham Soliman <hes...@elevatemobile.com> writes:
>> >> SeND is theoretically not easy to deploy - you need to provision >> >> cryptography material on all nodes. > > => Why? You only need to provision routers if you want them to support proof > of prefix ownership, but you certainly don't need to provision all nodes, > that's the advantage of CGAs. What's the point of SEND *for authenticating routers* if you use only CGA and not certificates? And if you use certificates, then nodes need to be provided with trust anchors. Or am I missing your point? Cheers, a+ -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------