Vijay Devarapalli writes:
> Brian E Carpenter wrote:
> > I'm not quite sure what you are getting at here, but it's the
> > responsibility of every WG to solve all the security issues
> > associated with its own work; security is not a kind of
> > icing added afterwards to the cake. And if a security problem
> > is discovered late, it still has to be solved, even if that
> > means starting again. Security isn't optional in the IETF.
>
> For one, it has been asked to solve key distribution between
> two hosts in the Internet without using any infrastructure
> (dont assume PKI, AAA, etc...). Mobile IP WG has been told
> that MIPv6 will not move ahead without solving this. and
> everyone knows it is a very hard problem.
>
> There are many more, but it will sound like a rant. I will
> stop with this. My only intention was to put a statement into
> a certain perspective.
This is akin to wanting to design a 200 story
building, but not wanting to be held accountable
for its structural integrity. Any-any tunneling is
a hard problem, and anything that wants to propose
its use needs to deal with *all* of its
complexities. The alternative is to not take on
the task if it's too hard. There is nowhere else
where this will or should be solved.
Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
