On 6-mrt-2006, at 2:34, Steven M. Bellovin wrote:
What Tony said, especially about what happened to 8+8. A lot of the
grounds for rejection were security, but there wasn't a single
security
person on the committee. In my opinion, most of the arguments just
didn't hold up.
[RB = routing bits, IB = identity bits]
So when I send you an 8+8 packet where [RB=me+IB=www.paypal.com] how
do you know that this is bad while if Paypal sends you a packet with
[RB=paypal+IB=www.paypal.com] that's good?
Also, how does 8+8 accomplish failover?
Original 8+8/GSE is incomplete. If you add the necessary extra stuff
and think about backward compatibility for a while, you end up with
something that's extremely close to shim6. If we add source address
rewriting to shim6 (which is certainly doable) the family resemblence
becomes even clearer.
