Re: draft-savola-multi6-asn-pi-01.txt

[Erik Nordmark <Erik.Nordmark@sun.com>]

> > In other words, is the situation you describe (where people have one
> > addressing scheme internally, and another externally, with NAT to map between
> > them) caused precisely by having too few name-spaces - or would the same
> > thing happen even if we also have an additional namespace of host identifiers?
> 
> This is a very good question. My feeling is that it's caused by today's
> overloading of an address as both a locator and as an identifier - so
> a solution such as NOID seems to avoid the problem without forcing us
> to create a truly independent name space. And since NOID would in practice
> allow locator-addresses to be chosen topologically, and identifier-addresses
> to be chosen arbitrarily, I think it's a proof-of-concept that with
> two namespaces (even if they are multiplexed out of a single address space)
> we can evade the topological argument for NAT.

Isn't there an issue about needing to support N global locators (used
for external communication) plus at least one local locator?
In the case of NOID, would it make sense to store the local locator together
with the global locators in the (global) DNS?

If you can't put them in the same lookup service, then you need some
mechanism to (securely) discover locators that are not in the lookup
service. (As an aside, if you have such a mechanism you could also use
it to share care-of addresses with your peer when being mobile.)

But I haven't found a way to do this with acceptable security in a scheme
like NOID. I was hoping that the hash chains in WIMP could be used for this
in NOID, but I think Jari convinced me that this has problems.

It can be done securely when there is a new namespace as in HIP, SIM, etc.

  Erik