draft-thaler-ipv6-ndproxy-02.txt says:
> o Support secure IPv6 neighbor discovery. This is discussed in
> the Security Considerations section.
I don't understand what it means to support SEND, given that the
combination of SEND and ndproxy currently doesn't work.
> As a result, securing Neighbor Discovery or ARP must take into
> account the ability to proxy messages. This document does not
> introduce any new requirements in this regard.
I would be much clearer if the document instead said
This document assumes that SEND provide security for
proxy neighbor advertisement.
The fact that SEND doesn't currently provide security for proxy neighbor
advertisements is an indication that 1) there isn't much perceived need
for it and/or 2) it is hard to do since authorization is a challenge.
Hence it is useful to be very clear about the assumption on what SEND
provides.
Erik
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
