> A Protocol for Anycast Address Resolving -- Shingo Ata (10 min) > <http://www.ietf.org/internet-drafts/draft-ata-ipv6-anycast-resolving-00.txt>
The security considerations in the draft are quite weak. Perhaps we can start a discussion about this on the list. Since an anycast address is not syntactically distriguishable from a unicast address, a client of a unicast service can be spoofed using AARP to send packets to some other unicast address. This sounds very similar to the "remote redirect" aspect of binding updates in Mobile IPv6, thus I think very similar security requirements should apply. It might even be that some of the Mobile IPv6 security solutions (e.g. using return routability checks) can be reused for the anycast case. Erik -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
