> >> Brian Zill writes: > >> One advantage of having scoped addresses defined > >> in the IPv6 architecture from the start is that > >> applications can know not to pass them outside > >> of their scope. > > > > NO. > > > > 1. applications don't know where their scope ends. > > They don't need to. If they are communicating with another entity via a > site-local address, then that entity is by definition within scope.
that doesn't mean that the entity that will end up using the address is within scope. where do you get the idea that all referrals are one hop? furthermore it's wrong (or at least incomplete) because a host can have access to multiple scopes. > Therefore they can legitimately pass a site-local address in the data > stream to that entity. Otherwise, they can't. Very simple and > straight-forward. it's simple, straight-forward -- and incorrect. > > 2. expecting applications to know about network > > topology drastically increases their complexity > > without any recognizable benefits. > > As noted above, the applications don't need to know anything about the > network topology, they only need to know what kind of addresses they are > using. False. there's no way that a referrer can know what scopes the party to which the addresses are being referred has access to. the best the referrer can do is refer all available addresses. even then, without global scope IDs we don't have a way for the party using those referrals to know which addresses are valid in the scopes to which it has access. > If, however, random global address which happened not to be > globally routable (due to firewalls/filters) were used, the app couldn't > determine this, and could end up blindly passing these non-routable > addresses around in the data stream. yes, but since the addresses are global the party that is *using* the addresses has at least some chance of knowing whether it has access to them. (for instance, does it have a route to that net?) more importantly, if you get rid of SLs there's far less need to pass so many addresses around, so the chance that either (a) the address will work or (b) the situation is beyond reasonable ability of an app to fix, is far greater. > Using site-local addresses solves this problem. no, it exacerbates the problem. Keith -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
