On 6-mrt-2006, at 2:34, Steven M. Bellovin wrote:
What Tony said, especially about what happened to 8+8. A lot of the grounds for rejection were security, but there wasn't a single security person on the committee. In my opinion, most of the arguments just didn't hold up.
[RB = routing bits, IB = identity bits] So when I send you an 8+8 packet where [RB=me+IB=www.paypal.com] how do you know that this is bad while if Paypal sends you a packet with [RB=paypal+IB=www.paypal.com] that's good? Also, how does 8+8 accomplish failover? Original 8+8/GSE is incomplete. If you add the necessary extra stuff and think about backward compatibility for a while, you end up with something that's extremely close to shim6. If we add source address rewriting to shim6 (which is certainly doable) the family resemblence becomes even clearer.