On Fri, 24 Jul 2009 23:40:14 +1000, Hesham Soliman <hes...@elevatemobile.com> wrote: >> SeND is theoretically not easy to deploy - you need to provision >> cryptography material on all nodes. > > => Why? You only need to provision routers if you want them to support > proof of prefix ownership, but you certainly don't need to provision > all nodes, that's the advantage of CGAs.
First, you need a trust anchor to verify. Trust cannot be bootstrapped out of nothing, or I missed something? As far CGAs, they require a "postcard" IPR license from Microsoft: https://datatracker.ietf.org/ipr/676/ which -I assume- makes them legally incompatible with the Linux IPv6 stack in USA. -- Rémi Denis-Courmont -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------