> > SeND is theoretically not easy to deploy - you need to provision > > cryptography material on all nodes.
=> Why? You only need to provision routers if you want them to support proof of prefix ownership, but you certainly don't need to provision all nodes, that's the advantage of CGAs. Hesham That implementations are not even > > properly integrated into operating systems makes it worse. I somewhat > > expect that somewhat secure networks will use network-side filtering as is > > done for ARP instead, as it requires no host-side changes. > > > > I don't think it deserves a "SHOULD" at this point. > > -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
