Patte - > Both SCTP and MPTCP uses a 32-bit tag/token to provide a low level > security mechanism, in most cases it is good enough (e.g. web > browsing) - that is at least what the transport folks has concluded > (my interpretation) > > And shim6 people have concluded that CGA or HBA must be used. > > Why this conflict - is it due to that IPsec is mandatory in IPv6 and > similar security must be available in shim6?
No, it is just a different tradeoff between security and complexity. Note, though, that CGA/HBA alone cannot replace a random-token exchange, as an attacker could generate a CGA/HBA at which it is not reachable. - Christian _______________________________________________ rrg mailing list [email protected] http://www.irtf.org/mailman/listinfo/rrg
