Flexible address policy on 2000::/3?
Does this imply that the 13bit TLA of the initial addressing scheme is scrapped too? Thanks for any info. -mg IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Question about IPsec in IPv6
Hi! I want to know if there have been made additions to the IPsec part on IPv6. Something that bugs me to Ipsec on IPv4 is that it either required some system backed authentication (Kerberos), some CA issued certificate or the worst solution being a static keyphrase. Now to my question: Does IPsec in IPv6 allow adhoc connections not requiring any certificates, rather just doing a simple key exchange (e.g. using a set of randomly generated public keys), with the simple purpose to encrypt the connection? Thanks for any infos! -mg IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
RE: Question about IPsec in IPv6
= I disagree: without authentication (by a pre-shared secret, certificate/signature or public key) you can be attacked by the Man-In-The-Middle, i.e., you can get a very secure connection with a bad guy, not the intended correspondent. There are some schemes where one participant can be anonymous, but at most one (i.e., never both). Is this scheme used anywhere on the net? Can I make use of it whatever time I want? E.g. the server has a cert and I dont, but the server requires IPsec, my client will respond even without cert? Well I asked that question, lets say for the case that two endusers without any certificates can build up a secure line between each other. For example an IM application could turn on IPsec without certificate. The problem is I don't see endusers buying certificates anytime soon, which might be important for pure P2P applications wanting to use the IPsec protocol, at least in my thoughts. Thanks for any info -mg IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
FEC0::/10 or /48?
Hi! I think my question is best answered in this mailing list. When I read books about IPv6, they mention always an 48bit prefix for SL addresses, but reading the archives of this list, the people discuss about a 10bit prefix. Is FEC0::/10 valid now, or still a draft or subject to change and FEC0::/48 still standard? Thanks for your help -mg IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]