Brian E Carpenter wrote:
> I must say I don't understand the reference to RFC2437...
> presumably you mean 2374, which will be obsoleted anyway.

2437 was a mistake, pardon my poor sleep-deprived brain. The subject line should now have the right reference.

> In which case, I violently agree with Keith. We've already
> overloaded IP addresses with two functions - locator and
> identifier. We've been rebuffing various suggestions for
> yet more overloading for years (the porno bit for example) and
> this is in the same category - not the right place to put a security
> hint. It's quite inappropriate to damage the opaqueness of a pure ID
> field in such a way. If a security hint is needed, it should be somewhere
> else.

A security hint is needed. Please read the "bidding down" notes to see why. For reference, here are the URLs again:

  http://playground.sun.com/mobile-ip/WG-archive/frm05357.html
  http://www.piuha.net/~jarkko/publications/mipv6/Bidding_down.txt

If you don't agree with the argumentation, please let us know, in detail, where you disagree.

As for the method of passing the hint, I (and the whole design team) really wish the hint could be placed somewhere else. However, we just haven't been able to find such a way. We would be more than happy to use some other method, but we just haven't been able to find one, given the constraints.

> On a practical point, I don't see how this fits with the addressing
> architecture (draft-ietf-ipngwg-addr-arch-v3-07.txt) which requires
> that "For all unicast addresses, except those that start with binary
> value 000, Interface IDs are required to be 64 bits long and to be
> constructed in Modified EUI-64 format." It also doesn't fit with
> the RFC 3041 privacy extensions.

I'll let Erik address this one, my knowledge fails here.

--Pekka

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
