Eliot Lear wrote: > Brian E Carpenter wrote: > > > The other point that's been missed here is that the > security-by-hiding > > argument is only part of the story. Stable address space for > > intermittently connected networks, unambiguous address > space for VPNs, > > and stable identifiers for multihoming, are also needed. > Whatever your > > religion on the hiding argument, these other needs have to > be met, and > > are not met by PA prefixes. > > And to be frank, Brian, I am not convinced that even this > argument has > been thought out well. For instance, how will systems be restricted > from having both types of IP addresses?
Some scenarios actually want both. Why do you assume that having both is a problem? > Will it be a host policy or a network policy? That needs to be a local decision. The IETF is not in the business of telling people how to run their networks. > If it's a network policy, how does that work with > stateless autoconfiguration? If the goal is only to allow local, then only put a local in the RA. If it is only to allow global, likewise. If there are to be a mix on the same wire, it is a host policy by definition. Tony -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
