[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: preshared key in ipv6

To: sleepy-cat@263.net
Subject: Re: preshared key in ipv6
From: Paul Koning <ni1d@arrl.net>
Date: Mon, 22 Oct 2001 13:49:40 -0400
Cc: ipsec@lists.tislabs.com
References: <200110220706.PAA11174@csnet1>
Sender: owner-ipsec@lists.tislabs.com

Excerpt of message (sent 22 October 2001) by dxh:
> 	I know. But in some environments, the low 64 bits can be
> unique. For example, if a wireless ICP can guarantee this, he can
> use this trick for his customers.

Bad design decision.

Looking up a full V6 address is no harder than looking up a 64 bit
piece.  That way you don't have to rely on unreliable assumptions.
You don't implement a proprietary system that doesn't work when people
outside the closed group want to communicate.  And so on.

If full V6 address handling were difficult, then perhaps this sort of
shortcut would be justified.  But there is no benefit, only problems,
so why do it?

     paul

References:

Re: preshared key in ipv6

From: dxh <sleepy-cat@263.net>

Prev by Date: RE: what 's the use of ID payloads in Main mode of preshared key?
Next by Date: Re: preshared key in ipv6
Prev by thread: Re: preshared key in ipv6
Next by thread: Re: preshared key in ipv6
Index(es):
- Main
- Thread