Pekka Savola wrote: > > On Thu, 23 Jan 2003, Brian E Carpenter wrote: > > > Substantial: > > > > > > This document proposes an approach to allocating IPv6 Site-Local > > > address so they are globally unique and routable only inside of a > > > site. > > > > > > ==> it would be good to go a bit more in depth to how this is actually a > > > problem. For some it surely isn't; if they don't need to prepare for > > > site-mergers, for example. > > > > Can you define the class of sites that absolutely, definitely, > > until the end of time, are guaranteed not to merge? > > Well, it depends on quite a bit about which is the usage model for > site-locals. For example, home nets probably don't merge if we would > mandate that site-locals should not cross home-to-office VPN's.
Let me be provocative. With proper e2e security, VPNs will become historic. And one of the benefits of IPv6 is supposd to be proper e2e security, as a result of having proper e2e addressing. > > But of course, there can be not absolute guarantee. Yes. Scenario: Mum and Dad share a LAN. One day they discover that young Johnny has set up his own LAN in his bedroom. They connect them together, and both of them have printers on FEC0::0002. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
