Erik Nordmark writes:
> For the IETF I think this means that we should not issue a proposed standard
> (e.g. for MIPv6) with a hole (e.g. assuming that ingress filtering will be
> made aware of HAO). If we want to go this path I think we need a community
> supported ingress filtering RFC (BCP or standards track) that handles HAO no
> later than when MIPv6 becomes Proposed Standard.
I agree 100% with Erik here, and add this:
security needs to be thought of in terms of
layers. Ingress filtering is a useful, but
incomplete layer. Ultimately hosts need a means
to defend themselves too since we can't assume
that anything will have complete coverage.
Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
