[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: autoconfiguration
>I understand this to mean that a compliant implementation must be manually
>configured when it first boots. Automatic configuration is not possible
>because that would require network communication, which is not allowed.
>In particular, this would seem to conflict with IPv6's stateless address
>autoconfiguration.
>Would it be permissible for a compliant IPv6 implementation to have a
>default SPD that allows communication via link-local addresses to bypass
>IPsec, to support auto-configuration? Once the implementation has
>automatically configured addresses, I imagine that the implementation might
>proceed to configure the SPD from a network service.
Could you please let me know what kind of scenario is in your mind?
- What is the initial configuration (default settings) of endhost,
regarding to IPv6 and IPsec?
- What kind of RA packet will be announced? (with/without AH?)
itojun@kame.net
itojun@itojun.org
jun-ichiro itojun itoh
References: