Mohan Parthasarathy wrote: > t very clear as to why you have to reserve a bit in the > address to express different security mechanisms being used. Why can't > this be built into the protocol itself ? Is it because that the future > security mechanisms will not use the same set of message exchanges as > RR and hence you want a protocol independent way of indicating the method ? > I would assume that any mechanism to establish the binding between home > address and care of address would have a few message exchanges. Can you
Because the MitM attacker can change everything related to these messages, it doesn't help to put anything to the messages for the bidding down protection. Note that the MitM can also change the IP address, but if he does so, he is *not* attacking the original host, as the address is changed. Jari -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
