Supplementary Question [Highlighted by a number of the security questions, but with a broader scope:] Should we document somewhere the benefits that an implementation can get in “dense deployment” modes Where every node can determine a priori the addresses of its signalling peers Example: if all peers are 1 IP hop away, addresses can be determined from the IP forwarding table Benefits include: Downstream routing state is trivial to store Route change detection is easier Could use certificates in TLS to verify that a peer really is the peer at a particular IP address Could secure against a number of on-path attacks Preference: don’t put this in the base specification! |