Yes, but IMHO that is sufficient. IP address to link address mapping via ND
is subject to spoofing if the address is DHCP assigned but not a CGA, since
the ND message cannot be signed.
Do you see an issue?
jak
----- Original Message -----
From: "Templin, Fred L" <[EMAIL PROTECTED]>
To: "James Kempf" <[EMAIL PROTECTED]>; "marcelo bagnulo braun"
<[EMAIL PROTECTED]>; "Stig Venaas" <[EMAIL PROTECTED]>
Cc: "INT Area" <[EMAIL PROTECTED]>
Sent: Tuesday, June 19, 2007 2:10 PM
Subject: RE: DHCPv6 and CGA (was: Re: [Int-area] SeND & CGA Extensions BOF)
Not true; the client can configure a CGA address from
an advertised prefix and "propose" it to the server by
including it in an IA Address option ([RFC3315], Section
22.6). The server should then be willing to assign the
address to the client as long as it isn't a duplicate.
Whoops; I think I remember now that CGAs were only to
be used for SEcure Neighbor Discovery (SEND). Is that
still true?
Fred
[EMAIL PROTECTED]
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
