Francis Dupont wrote:
> - second the verification implies an expensive crypto operation
> (typically a signature check) so the scheme is subject to trivial DoS
> attack, especially if each packet has to be checked (so or a session
> key is negotiated with an even more expensive and complex protocol,
> or the use of CGA/KBA is very limited).

This issue can be handled. For an example in the mipv6 space,
see draft-roe-mobileip-updateauth-02.txt.

> - last I don't believe you can manage real trust with only one bit
> and if you need more bits to negotiate something the IPv6 address
> will become quickly too small. IMHO this is a dead-end.

Actually, I think a single bit is sufficient. Given that any
information can be included in the hash besides the public key,
the usage of the bit is not limited to the one who first claims
it. Of course, we probably would want to limit its use but there
are no technical problems in using the same hash scheme for
multiple purposes. The same applies also to DNS-based and AAA-based
schemes as well.

Jari

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
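Added example, not part of the original message or of the draft it cites: a sketch of the reply's point that a single flag bit can serve several purposes when a purpose label is hashed together with the public key. SHA-256, the flag-bit position, the purpose labels and the key bytes are assumptions made up for illustration.

```python
import hashlib
import ipaddress

# Assumptions for illustration (none come from the thread): SHA-256 as the
# hash, and the top bit of the 64-bit interface identifier as the single
# "this address is hash-derived" flag bit.
FLAG_MASK = 1 << 63
IID_MASK = (1 << 64) - 1

PREFIX = "2001:db8:0:1::/64"            # documentation prefix
KEY_A = b"constructed-public-key-A"     # constructed stand-ins for encoded keys
KEY_B = b"constructed-public-key-B"
PURPOSES = [b"purpose-one", b"purpose-two"]  # hypothetical purpose labels


def iid_for(public_key: bytes, purpose: bytes) -> int:
    """Interface identifier = first 64 bits of H(len|purpose|key), flag bit set."""
    # Length-prefix the label so (purpose, key) pairs cannot collide by shifting bytes.
    data = len(purpose).to_bytes(2, "big") + purpose + public_key
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest[:8], "big") | FLAG_MASK


def make_address(prefix: str, public_key: bytes, purpose: bytes) -> ipaddress.IPv6Address:
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | iid_for(public_key, purpose))


def classify(address, public_key: bytes, purposes):
    """Return the purpose the address is bound to for this key, else None.

    Hash check only; proving possession of the private key (the signature
    check the quoted text calls expensive) is a separate step not shown.
    """
    iid = int(ipaddress.IPv6Address(address)) & IID_MASK
    if not iid & FLAG_MASK:
        return None                     # flag clear: ordinary address
    for purpose in purposes:
        if iid == iid_for(public_key, purpose):
            return purpose
    return None


if __name__ == "__main__":
    for p in PURPOSES:
        addr = make_address(PREFIX, KEY_A, p)
        print(p.decode(), addr, classify(addr, KEY_A, PURPOSES))
```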
