On Thu, Nov 19, 2009 at 10:36 AM, Tony Li <[email protected]> wrote:
> Scott Brim wrote:
>>
>> Excerpts from William Herrin on Wed, Nov 11, 2009 07:04:54PM -0500:
>>>
>>> Important consequences of this are:
>>>
>>> a. Locators aren't about network attachments. They're about the
>>> packet forwarding process and more abstractly about the network
>>> topology. An element that always has exactly one attachment to the
>>> network is likely a holy grail. Case in point, the IP address on my
>>> BGP router with two upstreams is certainly a locator but it clearly
>>> has two points of attachment.
>>
>> I think this conflates two things we distinguished for a while, and
>> the distinction should not be lost. I don't remember the name for the
>> second one, but we have
>>
>> - names for network attachment points ("locator")
>>
>> - information used for forwarding at intermediate hops (forwarding
>> directives? something like that. was it Noel's?)
>
> Indeed, if you have explicit forwarding instructions, you use that.
>
> Locators are necessarily about network attachments (per stack). If a host
> has multiple points of attachment, then it should have multiple locators.
> And only one identifier.
>
Only one...? IMHO, a PKI certificate identifies a stack/person/host so
it is an identifier in the RRG terminology, right?
http://trac.tools.ietf.org/group/irtf/trac/wiki/RRGTerminology

A second identifier is needed, that will provide mobility (fixed and
mobile site, endpoint) and not as complex to deploy as a PKI
infrastructure, also less secure than the PKI infrastructure.

Think this needs to be clarified, if not - there is a risk that the new
identifier will have too many security features and start to compete
with the PKI infrastructure??

-- patte
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
