On 08/21/2013 12:16 AM, Mikael Abrahamsson wrote: > >>> I think it would be good to reference SAVI-WG documents on first-hop >>> security instead of writing new text on the subject. >> >> Where, specifically? > > Under 7 where ra-guard is mentioned. Oh, btw, the paragraph on RA-guard > is missing a trailing ".".
Does SAVI prevnt forged RAs? -- Because that's why RA-Guard is being referenced. >>> Network_ID mentions SSID. What if I have an ethernet Interface and I >>> move my computer around, should it identify a new set of /64 network >>> address and/or gateway MAC address as a new network as well? I think >>> some text on this would be good guidance for implementors. >> >> That's left unspecified, since it might be tricky: there's might be more >> than one local router, for redundancy purposes -- but since it's the >> same network, you'd want your addresses to be stable. >> >> That's why in the SSID example we use the SSID, and not the router's MAC >> address or the like. > > If it's tricky, doesn't that specifically warrant more text on the subject? The Network_ID parameter is optional. If you can come up with a Network_ID for your network, you can use it. However, in the case of Ethernet I don't think there's an obvious candidate. So I'd persoanlly leave the text as is. Cheers, -- Fernando Gont SI6 Networks e-mail: [email protected] PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
