Hello, >> In any case, the policy delivered on the secured channel should be used. >>That is what the draft suggests. >>Make sense ?
If the different policy tables were received from different administrative domains, I don't see yet why it would make sense to prefer one of them to another based on whether one of the channel was secured. In case an interface which delivered secured policy table is not preferred by routing metric, the copy of the table received over such interface may be irrelevant or harmful. Thanks, Dmitry From: Arifumi Matsumoto [mailto:[email protected]] Sent: Thursday, November 17, 2011 9:14 PM To: Dmitry Anipko Cc: [email protected] Subject: Re: multiple policy tables handling in draft-ietf-6man-addr-select-opt-01 Hi, thank you for your comment. On 2011/11/14, at 14:21, Dmitry Anipko wrote: Hello, I have a question about this text the -01 revision: >>A node MAY use OPTION_DASP in any of the following two cases: 1: The address selection option is delivered across a secure, trusted channel. The OPTION_DASP is configured by a network administrator, presumably based on some knowledge they have about what makes more or less sense in the particular network. How whether or not a secure channel has been used on one of the networks relates to whether or not the admin of that network has knowledge of a completely different network the host may simultaneously be connected to? In any case, the policy delivered on the secured channel should be used. That is what the draft suggests. Make sense ?
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
