On Jun 23, 2011, at 4:40 PM, Manfredi, Albert E wrote: > Your solutions appear to be more client-oriented.
That's correct. Ultimately the security of the client depends on the client being secure. Trying to secure the client by securing the network is a noble cause, but ultimately doomed to failure, because you can't control what networks the client connects to. Of course there are special cases where this isn't true, but as mobile nodes get more and more capable, the set of all such special cases gets smaller and smaller. -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------