On 2008-05-26 12:49, Randall Atkinson wrote: > Earlier, Brian Carpenter wrote: ... > % In that role it could of course be replaced by some ID inserted > % at a level above IP (as it is in IPSEC over UDP, in effect), but we > % have to provide that at the same time as architecturally removing > % e2e addressing. And if you do that *except* by inserting an alternative > % 32 or 128 bit e2e quantity that looks just like an IP address, you > % create unthinkable amounts of disturbance to upper layer running code. > > That claim is NOT obvious to me.
... > Perhaps you were thinking of some security approach other than > IPsec or SSL/TLS ?? I think we don't know. Certainly the known cases are IPsec and TLS. We could trawl in RFCs 3789 through 3796 for others, but that wouldn't catch non-IETF protocols. Note, I *fully agree that "good non-topological identifiers" are what we should use; I'm only concerned about how to get there from here without a deployment problem that is just as hard as the IPv6 deployment problem. Brian -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
