Title: RE: Allocating a bit in the RFC2374 Interface Identifier

 
>
>
> Pekka Savola wrote:
> > We MUST NOT reserve bits in the address to support IPR'd mechanisms.
>
> Actually, the intention is just the reverse.  The intention
> is to reserve a bit (or bit pattern) so that the IPR'd
> mechanisms NEED NOT be used for future better security
> protocols.  CGA can be used independent of whether there are
> any bits reserved or not.
>
> The bit method would leave the door open to any future
> security mechanisms, including those based on AAA and CGA.
>
It is not very clear as to why you have to reserve a bit in the
address to express different security mechanisms being used. Why can't
this be built into the protocol itself? Is it because the future
security mechanisms will not use the same set of message exchanges as
RR and hence you want a protocol-independent way of indicating the method?
I would assume that any mechanism to establish the binding between home
address and care-of address would have a few message exchanges. Can you not
"indicate" which mechanism is being used in the first message being sent
as part of establishing the binding? I am not sure whether I am missing
the obvious here. In the note that you sent:

"Now, when Bob receives the packet sent by Alice, he has no other knowledge
about Alice except the packet itself. In particular, the only information
he has about Alice is the source IP address in the packet".

I am missing something here. Isn't the packet carrying any other
information at all ?

-thanks
mohan

> But I think Erik is better in expressing the issue, he first
> proposed the bit method anyway.
>
> --Pekka Nikander
>
> --------------------------------------------------------------------
> IETF IPng Working Group Mailing List
> IPng Home Page:                      http://playground.sun.com/ipng
> FTP archive:                      ftp://playground.sun.com/pub/ipng
> Direct all administrative requests to [EMAIL PROTECTED]
> --------------------------------------------------------------------
>
