Rami Lehtonen wrote: > And when AH is used, the source address can also be verified, > which ties the source address and security options for that host.
Obviously when we have strong authentication we don't have a problem with bidding down! However, one of the starting points of the MIPv6 security work has been infrastructureless operation, where strong authentication with shared secrets or PKIs is not assumed to be available. Strong cryptographic methods for address ownership can still work, though. Jari -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
