Re: reachability test verification (was Re: Comments on draft-bagnulo-multi6dt-hba-00.txt

[marcelo bagnulo braun <marcelo@it.uc3m.es>]

El 17/11/2004, a las 17:56, Jari Arkko escribió:

> marcelo bagnulo braun wrote:
> > Hi Jari,
> > El 16/11/2004, a las 20:38, Jari Arkko escribió:
> > > As for the number of hash verifications, it would seem that
> > > you only have to verify those addresses that you actually use
> > > for exchanging packets with the peer. That is, if there is no
> > > problem you don't necessarily have to verify anything. And
> > > if you have a problem, it suffices to test the addresses
> > > that you actually end up switching to instead. (I'm still
> > > wondering whether the test packets sent to address X need
> > > verification of X; there may be some denial-of-service issues
> > > if we don't do that.)
> > The question would be: do we do the reachanility test first or the 
> > HBA verification first? is this what you have in mind?
>
> That was the question I had. It seems that it would be best
> if you could verify HBA/CGA first and only then send a packet.

agree

regards, marcelo


> --Jari
------------------------------------------
Please note that my former email address
mbagnulo@ing.uc3m.es is no longer in use
Please send mail to:
marcelo at it dot uc3m dot es
------------------------------------------