On Mon, Jun 14, 2010 at 11:30 PM, RJ Atkinson <[email protected]> wrote:
> Now, all that said, I don't see why this is suddenly
> confusing to anyone.

Hi, Ran,

Thanks for the re-summary. At least, I didn't say it was confusing. It was only that I misunderstood the possible locality scope of identifier, the scope being a locator (subnet) not a site.

> That noted, mobility can work fine with a local-scope
> ID, because the session Nonce permits differentiation
> of different nodes using the same (e.g. local-scope)
> ID values. Implementations of ILNP are required to use
> cryptographically-random Nonce values, so an off-path
> attacker won't be able to predict a nonce value externally.

In this scenario, do you also mean a case when the node moves off its original subnet around in a given site or even across sites? I think that's even possible even with such a local ID since

o EUI-64 is rarely duplicated, and even in such a case
o the Nonce will distinguish connections with the same value of endpoint ID.

If this should be possible, I'd rather use local ID, for then I could eliminate one infrastructural element managing/governing/distributing the global IDs.

--
DY
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
