Jari T. Malinen wrote:
>> I'm afraid that there's more to this than that.
>> One of the implications of Pekka's observation is
>> that the binding cache is no longer a cache. That
>> is, you cannot evict the cache entry and still
>> function properly. The reason is not the CoA and
>> RH which will clearly still work, but the HAO. If
>> you drop the cache entry, the CN will see a HAO
>> which it doesn't know whether to believe and thus
>> would have to drop (or send a binding solicit,
>> etc). This bothers me quite a bit as going from
>> soft state to hard state should never be taken
>> lightly.
>
> Hmm, if there is a way to set up weak authentication state
> in an initialization, it can also be done again, even after
> expiration. However, this concerns the properties of
> weak authentication where you may not have a proof
> of identity the way of strong authentication (e.g.,
> you may need to "believe" the first HAO).

I'm afraid Mike's right here. Of course the weak authentication
can be rerun, but before it is rerun, many packets have gone
to /dev/null because the MN kept sending route optimized stuff
with HAOs, and the CN threw them away because of the security
issue.

Jari

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
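
The following is an added example, not part of the original message or of any Mobile IPv6 implementation. It models the failure discussed in the thread: a CN that evicts a binding cache entry drops every HAO-bearing packet until the binding is re-established. The class and function names are hypothetical, the addresses are constructed from the documentation prefix, and `binding_update` stands in for whatever authentication exchange is used.

```python
# Simplified model (assumption): a correspondent node (CN) accepts a packet
# carrying a Home Address Option (HAO) only if its binding cache maps that
# home address to the packet's source care-of address (CoA).
from dataclasses import dataclass, field


@dataclass
class Packet:
    src: str          # care-of address the packet was sent from
    hao: str          # home address claimed in the Home Address Option
    payload: str


@dataclass
class CorrespondentNode:
    bindings: dict = field(default_factory=dict)   # home address -> CoA
    delivered: list = field(default_factory=list)
    dropped: int = 0

    def binding_update(self, home: str, coa: str) -> None:
        """Stand-in for a completed (weak) authentication exchange."""
        self.bindings[home] = coa

    def evict(self, home: str) -> None:
        """Treat the binding cache as a real cache and discard an entry."""
        self.bindings.pop(home, None)

    def receive(self, pkt: Packet) -> bool:
        # An HAO with no matching binding cannot be believed, so drop it.
        if self.bindings.get(pkt.hao) != pkt.src:
            self.dropped += 1
            return False
        self.delivered.append((pkt.hao, pkt.payload))
        return True


def simulate(in_flight_before_rebind: int) -> CorrespondentNode:
    """MN keeps sending route-optimized packets across a CN-side eviction."""
    home, coa = "2001:db8:1::10", "2001:db8:2::99"   # constructed addresses
    cn = CorrespondentNode()
    cn.binding_update(home, coa)
    cn.receive(Packet(coa, home, "before eviction"))
    cn.evict(home)                                    # CN drops the entry
    for i in range(in_flight_before_rebind):          # MN has not noticed yet
        cn.receive(Packet(coa, home, f"lost-{i}"))
    cn.binding_update(home, coa)                      # authentication rerun
    cn.receive(Packet(coa, home, "after rebind"))
    return cn
```

Calling `simulate(n)` returns the CN with `dropped == n`: the loss grows with however many packets the MN sends before the binding is restored.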
