Alberto Escudero-Pascual wrote:
> Alice requires a "strong exchange" that Mallory can not impersonate.
> Mallory can fool Bob to use a weak method but can not fool
> Alice that is expecting a strong one from Bob.
>

All Alice knows is that Bob is not asking for the same protection that Alice is. There are too many semantics being assumed about the magic bit. This specific response assumes that there is an implicit bi-directional requirement that if A sends the bit set to B, then B must use the same bit set in its address back to A. Yet in other messages all the magic bit says is that A doesn't want B to interpret any BU messages that can't be validated. Which is it??? Certainly there is no requirement for B to tell A that it shouldn't interpret a BU from it, since B may have a different policy at the moment.

If you really want a protocol then create one, don't assume that a single bit sent in one direction can carry the semantics of a bi-directional protocol. In particular for the problem being solved, don't ever assume that the policies have to be symmetric. All this mechanism is trying to do is let the CN know that a BU sent on behalf of the MN should be interpreted in a specific way. That is a unidirectional statement, but might include a feedback path to let the MN know if the message was received and the CN will honor it. The opposing unidirectional statement MUST NOT be required to have the same interpretation.

Tony

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
