> Well, the original idea was to reserve a bit to indicate that the > address is Cryptographically Generaged Address (CGA), basically > meaning that > > if the bit is set, then > interface id = low64(hash(PK, stuff)) & mask > > where > PK is a public key to be used as an identifier for the host > stuff is contains other parameters (see the earlier messages) > hash is a cryptographic hash function, e.g. SHA1 > low64 is a function that takes lowest 64 bits > mask indicates that we have to clear/set some bits of the iid > > In essense, that would allow anyone to determine if a given public > key belongs to a host, just inspecting the public key, the address, > and the "stuff" above. See e.g.
given that you need all of that "stuff" in order to verify the key anyway, why not make the CGA bit part of that "stuff" also? Keith -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
