ietf

Re[2]: national security

2003-11-28 15:18:52
Dear Anthony,
RFC 2373 permits 6 plans. The best would be to organize them by purpose, not to have them all do the same thing. Here we talk about national security, not about intellectual elegance.

When you are at war, you want your network to continue operating, not to depend on a numeration optimisation by your enemy. If, due to that, you must lose some fancy facilities, you probably find that acceptable. To evaluate what you lose is the purpose of my question, to permit governments to decide what they want - not to be imposed by the nsicanntiab.

I am sure that many security officers or generals would feel ill at ease if they knew their HQ IPv6 address can be just one unknown bit different from the IPv6 address of an enemy computer. Makes security very complex. What they want is an address mask, if possible manual, telling them where they are and where the call comes from. This is also the need of commercial international sites, who want to identify the country of origin to speak in the proper language. As well as VoIP users.

And please do not tell me that this is a breach of the calling party's privacy. The breach is the call by nature.
jfc







At 14:52 28/11/03, Anthony G. Atkielski wrote:

Jari Arkko writes:

> However, I do not believe these proposals consume any
> more address space than, say, manual or EUI-64
> based address assignment.

In order to use the full potential address space, you must devise a
scheme that allocates every single combination of bits.  The simplest
scheme of this kind is sequential allocation of addresses.

> There's still just one address consumed per
> node.

It's not the number consumed; it's the number excluded from availability
by the encoding of information into the address field.  You might easily
waste 99% of the address space in this way.

> Perhaps you were thinking that the address contains a MAC field?

No.  I'm thinking that the address field is being divided into zones,
thus wasting a tremendous amount of space.

A 128-bit field contains 2^128 addresses.  If you divide that into two
64-bit fields, you may get as few as 2^64*2 addresses; that's 18
million trillion times smaller than the 128-bit field.



