> >Your reasoning is markedly incorrect if applied to A6. If we take
> >site renumbering to be the dominant factor controlling
> >signature-validity times, then the signatures on the A6 records
>
> from what I got from reading djb's webpage, djb's point is that
> the dominant factor controlling signature-validity time is security,
> and for that reason he claims it needs to be very short (so there's
The reason is security, in that you can't make the record go away
until the signature becomes invalid. So if it's all right for your
interface ID and/or subnet information to persist for a month, but
you want to be able to change your global prefix(es) on a day's
notice, you get a 30-to-1 work savings on almost all of your RRsets.
(Yes, a day is awfully short for a non-mobile site, but awfully long
for a mobile one.)
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
