[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PI/metro/geo [Re: The state of IPv6 multihoming development]

To: "Tony Li" <Tony.Li@procket.com>
Subject: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
From: RJ Atkinson <rja@extremenetworks.com>
Date: Mon, 4 Nov 2002 20:48:27 -0500
Cc: <multi6@ops.ietf.org>
In-reply-to: <D2EC481073504E498A8DB9C0687E8CAF01AD13BE@EXCHANGE0-0.na.procket.com>

On Monday, Nov 4, 2002, at 18:31 America/Montreal, Tony Li wrote:

| In fact we have an existence proof in both DNS & IEEE EUI that
| inadvertent & intentional duplication happens. So those
| mechanisms can't
| be used as 'globally unique' identifiers as they are. If we add some
| cryptographic properties, we can probably improve that.

Ok, but do we need actual perfect uniqueness? Or just 'pretty close'?
Operationally, 'pretty close' is a whole lot easier.

We don't *have* perfect uniqueness today. www.cnn.com is a set of hosts,
not a single host. DNS names are NOT globally unique today.
Neither are IP addresses, thanks to NAT or other widgets (e.g. load
balancer in front of server farm).

Since we don't have it today, I don't see how demanding absolute uniqueness
of identifiers is a reasonable thing to demand. And forged identifiers
are trivial today. In a new system there could be (at least) a mechanism
for providing optional authentication of the identifier.

Ran

Follow-Ups:
- RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
  - From: "Tony Hain" <alh-ietf@tndh.net>

References:
- RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
  - From: "Tony Li" <Tony.Li@procket.com>

Prev by Date: RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
Next by Date: RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
Previous by thread: RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
Next by thread: RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
Index(es):
- Date
- Thread