> It aligns access policy with the device rather than a difficult to > manage table at every edge of the network. This is much simpler at > scale.
neither one scales well, but for many networks (those with only one border router) you'd rather control the edge than the hosts. ideally you want to specify this more-or-less centrally and communicate it to all concerned parties. that way you get security in depth. but SL is not sufficient for this purpose. not by a longshot. and if you develop a mechanism to communicate this policy, then you don't need to use SLs for this anymore. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
