On Mon, 25 Mar 2002, Jari Arkko wrote:
> First, we could allow e.g. www.cnn.com to accept different
> levels, but this defeats the purpose of stronger security
> since the weaker method could still be used by someone
> to trick cnn into diverting your traffic somewhere else.

As long as backward compatibility is a requirement, I'm not sure this
can be worked around anyway.

> Second, we could be strict about the levels and only talk to
> nodes that use stronger security. But this would restrict us
> to a small set of nodes, RO or no RO. Assuming better than RR
> security becomes necessary at some point, its deployment would
> be extremely hard (more on this in draft-aura-mipv6-bu-attacks,
> section 6.2).
>
> Do you Pekka agree, or did you have some other form of manual
> configuration in mind?

Basically I was thinking only about securing some ND link-local
messages, not on a global where some other mechanisms, e.g. IPSEC,
might apply as well.

Another alternative is to use new network prefixes for secured sites
(e.g. 2801::/16). This strikes me as an unscalable mechanism, though.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
