Re: [DNA] Route vs Advertise

[James Kempf <kempf@docomolabs-usa.com>]

Out implementation doesn't work that way. It just uses the prefixes in the
certificate to check whether the prefixes are certified or not, and drops
those that are uncertified if the host is configured to do so. It doesn't
uses the certification to determine what addresses to send to what router
since, as Erik says, that is not in the RFC 2461 conceptual model.

            jak

----- Original Message ----- 
From: "Erik Nordmark" <erik.nordmark@sun.com>
To: <greg.daley@eng.monash.edu.au>
Cc: "Sathya Narayanan" <sathya@research.panasonic.com>; "Dna"
<dna@eng.monash.edu.au>
Sent: Friday, June 03, 2005 10:44 AM
Subject: Re: [DNA] Route vs Advertise


> Greg Daley wrote:
>
> > The issue in SEND is essentially that in some circumstances we want to
> > guarantee that a router is actually delegated authority to route for
> > that prefix.   This is in the Certificate, not the PIO.
> >
> > I'd guess that the origin of the prefix doesn't matter (which RA the
> > PIO arrives in), although the certificate would indicate that only
> > those prefixes which are similarly authorized should be used as next
> > hops for packets with that source address.
>
> Is this something which has been implemented in the host SEND
> implementations? I can see it being quite hard since it fits neither the
> BSD-style code, nor the RFC 2461 conceptual model of a host.
>
>     Erik
>