Hi Xiaohu,
>> If you want mobility, you need to use a globally unique identifier, > derived >> from EUI-64, as has been mentioned many times before. > > There is no mechanism for avoiding identifier theft when using EUI-64, > right? The identifier is secured by DNS and by the ILNP nonce. >> And, once again, attempted theft of an identifier will have no effect > unless >> the attacker can compromise DNS as well. > > The attacker doesn't need to compromise your DNS for interfering your normal > mobility service. For example, if the attacker using your identifier > accessed a subnet which you would access later during mobility, your > established session will be broken once you move to that subnet, correct? No. Your correspondents would have no knowledge or interaction with the attacker. Again, just knowing your identifier does not mean that it can be authenticated. I'm done repeating myself on this. Tony _______________________________________________ rrg mailing list [email protected] http://www.irtf.org/mailman/listinfo/rrg
