On Jul 8, 2008, at 9:59 AM, Tony Li wrote:
|2/ an engineering judgment call of whether one could borrow MAC address
| to serve the above purpose.
| (this is similar to the existing TCP design of borrowing IP
| address as part of TCP's connection ID)
|
|2/ represents an engineering tradeoff because the borrowing saves the
|trouble of managing another new ID space.
2/ also creates a significant security issue. If a MAC address is visible
outside of the local subnet, then it implies that someone can track a host
as it migrates across the Internet. That's been widely discussed during the
first iteration of GSE and pretty generally viewed as a Bad Idea. At the
very least, there needs to be a mechanism to escape from the MAC address and
jump to a separately assigned space.
Tony
The above is just one of the factors of why I call 2/ an engineering
judgment call: it gives some saving, but definitely has associated
cost with doing so.
If one has a clear description of all the desired properties of a true
node ID, then one can see more clearly what are the costs of this
borrowing idea.
Lixia
--
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg