On Mon, Apr 26, 2004 at 10:14:02AM -0700, Alain Durand wrote: > Let me try to explain why I, as an implementor, do not like the M/O > bits very much. > ...
Alain, Could you explain how the functionality of the O/M bits will be replaced within the ND/etc protocols? Or should they not be replaced? Until now, most people have not worried about DNS resolver discovery because they run dual-stack networks (and thus use IPv4 transport DNS), but hosts autoconfiguring in an IPv6-only environment need a method to get DNS and other configuration info. I agree they can just try DHCPv6, rather than being told to do so. So is your argument that the client should decide which protocols to try, as per IPv4, rather than be "forced" to use DHCPv6 when DHCPv6 may not be secure? But whether the client decides to use DHCP, or an RA tells it to do so, there is no way to know whether the DHCP response is from a real or malicious server (who uses authenticated DHCP? :). And if you're not using DHCP you trust the RA for the network settings anyway. So isn't SEND the answer to this, rather than deprecating flags? You either run in an authenticated/trusted environment, or you don't... At present I would agree with the WG chairs' view. Tim -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
