Christian,
At one level, I agree with you. But I do think it would be possible to
provide security for proxy ND (having thought about the issue a bit and even
written something on it that I did not publish), but I believe it would take
stronger security than is currently in SEND for ND. One obvious approach
would be to require a third party trust root, like RD in SEND already does.
But there might be others.
jak
----- Original Message -----
From: "Christian Huitema" <[EMAIL PROTECTED]>
To: "Fred Templin" <[EMAIL PROTECTED]>; "James Kempf"
<[EMAIL PROTECTED]>; "Erik Nordmark" <[EMAIL PROTECTED]>; "Dave
Thaler" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, March 02, 2004 6:00 PM
Subject: RE: ndproxy and SEND
> ND proxy is the equivalent of ARP spoofing.
> SEND is the antidote to ARP spoofing.
> Why should we be surprised that they are not compatible?
>
> -- Christian Huitema
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> [EMAIL PROTECTED]
> Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
>
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
