> I am not trying to attack, to the contrary I think I have simply been
> focused on defending a discussion settled so long ago that most of the
> interested parties have assumed it is done and they don't need to stay
> engaged.

I guess I disagree that the most interested parties - the developers of applications - were ever in the loop. This is IMHO IETF's biggest problem - working groups narrowly focused on specific problems routinely create large difficulties for interests that aren't involved in the working group. Zeroconf is another good example - by imposing LL addresses on IPv4 it is creating many of the same problems for v4 apps that SLs cause for v6 apps. (actually a couple of additional ones - at least v6 SLs are stable)

> The only personal comment I am aware of was pointing out that
> you were asking for people to state why SL was necessary, but every time
> someone did you dismissed it out of hand because it didn't fit your
> policy of how a network should be run.

Well first I have this bizarre idea that networks exist to support a variety of applications - granted that this doesn't apply to _all_ networks, but I think it applies to most of them. Second I have this bizarre idea that if you want to impair operation of networks and of applications in the name of security, you should actually get a considerable security benefit from that impairment - and I don't think that has been demonstrated.

> You have a valid argument about making developers of multi-party apps
> aware that scope boundaries represent a new adventure that is not well
> defined yet. That does not automatically translate into the condition
> that all uses of SL are invalid (particularly 2 party ones). So instead
> of trying to blanket ban or restrict use of SL, state where the known
> pitfalls are, and let's move on.

I think it makes far more sense to restrict or discourage use of SLs by networks than to restrict use of SLs by certain kinds of applications. I can't see any harm in doing the former, and doing the latter impairs the ability to run off-the-shelf multi-party apps anywhere in the network. In effect it drastically limits the market and the deployability of multi-party apps.

In theory NATs wouldn't cause problems if they were only deployed on networks where they were known to not interfere with the apps that were running on those networks. In practice people have expected to run a variety of apps on NATted networks anyway, and no amount of complexity has produced a general-purpose solution to that problem. We need to restrict use of SL so that IPv6 doesn't end up causing most of the same problems for apps that NATs in IPv4 do.

Keith

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
