Re: additional attack for multi6 threat draft?

["Spencer Dawkins" <spencer@mcsr-labs.org>]

OK, this is not a helpful response.

If RR based verification really is a MUST, shouldn't that be written
down somewhere (more authoritative than the multi6 mailing list),
along with at least a basic explanation of why?

Can anyone provide a pointer to such a requirement, preferably in an
archival document that is at least BCP (and preferably
standards-track)?

FWIW, the biggest impediment for moving past "the IESG must review and
approve all specifications" is the view that working groups don't
understand requirements like this one. Having WG participants "guess
why" isn't likely to help improve understanding.

Spencer

----- Original Message ----- 
From: "Masataka Ohta" <mohta@necom830.hpcl.titech.ac.jp>
To: <mbagnulo@ing.uc3m.es>
Cc: <multi6@ops.ietf.org>
Sent: Monday, December 08, 2003 6:03 AM
Subject: Re: additional attack for multi6 threat draft?
> >>
> >>On the Internet, RR based verification is MUST,
> >
> >
> > Why?
>
> Why?
>
> Can you name some protocol that does not do this?
>
> If you can't, guess "why?".