-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> I did think the verification problem that Heikki mentioned is >> important and can happen in other protocols so I might fix the >> wording to focus on the problem. > > Certificates with IP addresses are sold and used, so I would not be > surprised if address presentation leads to verification problems. >
Good point. We see bad practices everyday on the internet, so its worth mentioning. I just have to work on the text. Most the examples don't point to specific protocols, so I'm thinking about leaving the X.509 as an example and not give details of how and in which field this could go wrong. Brian's draft does a pretty good job of that. Meanwhile, I need to discuss with the working group about text representation of addresses with IPv4 embedded in the last 32bits. We had a discussion about this on the list before Stockholm, it is now written like this reflecting the many comments that were given on and off the list. (Thanks to everyone that commented!) In cases where there is a choice of whether to express the address as fully hexadecimal or hexadecimal and decimal mixed, and if the address type can be distinguished as having IPv4 addresses embedded in the lower 32 bits solely from the 128bits of the address field itself, mixed notation is the better choice. However, there may be situations where hexadecimal representation is chosen to meet certain needs. Addressing those needs is out of the scope of this document. The text representation method noted in Section 4 should be applied for the leading hexadecimal part (i.e. ::ffff:192.0.2.1 instead of 0:0:0:0:0:ffff:192.0.2.1). Does this sound reasonable? Does anybody have a strong objection? Regards, Seiichi -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iEYEARECAAYFAkqfvr8ACgkQcrhTYfxyMkLJ/ACgiHXPuXzaJ8iEEVp7m6e+Zi4g EEEAnA4UE6vHGk4zFhTmINebcjCcZVTC =POAI -----END PGP SIGNATURE----- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
