[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: autoconfiguration

To: Richard Draves <richdr@microsoft.com>
Subject: Re: autoconfiguration
From: Jun-ichiro itojun Itoh <itojun@itojun.org>
Date: Tue, 06 Oct 1998 14:27:35 +0900
cc: "'IPsec'" <ipsec@tis.com>
In-reply-to: richdr's message of Mon, 05 Oct 1998 14:59:01 MST. <4D0A23B3F74DD111ACCD00805F31D8100AF813A1@RED-MSG-50>
Sender: owner-ipsec@ex.tis.com


>I understand this to mean that a compliant implementation must be manually
>configured when it first boots. Automatic configuration is not possible
>because that would require network communication, which is not allowed.
>In particular, this would seem to conflict with IPv6's stateless address
>autoconfiguration.
>Would it be permissible for a compliant IPv6 implementation to have a
>default SPD that allows communication via link-local addresses to bypass
>IPsec, to support auto-configuration? Once the implementation has
>automatically configured addresses, I imagine that the implementation might
>proceed to configure the SPD from a network service.

	Could you please let me know what kind of scenario is in your mind?
	- What is the initial configuration (default settings) of endhost,
	  regarding to IPv6 and IPsec?
	- What kind of RA packet will be announced? (with/without AH?)

itojun@kame.net
itojun@itojun.org
jun-ichiro itojun itoh

References:

autoconfiguration

From: Richard Draves <richdr@microsoft.com>

Prev by Date: Re: autoconfiguration
Next by Date: RE: autoconfiguration
Prev by thread: Re: autoconfiguration
Next by thread: Re: autoconfiguration
Index(es):
- Main
- Thread