Putting two things together:
On 22-Jan-21 07:57, Phillip Hallam-Baker wrote:
...
> A ULA->Public key registry provides exactly the right degree of incentive. It allows us to take an area that is currently flaky as heck and make it 'just work'. That area is VPN access.
Yes, but afaik you (or I) can't claim ownership of random numbers. So if my ULA prefix is fd63:45eb:dc14::/48 and I provide a public key for it, what's to stop you using the same prefix and providing your own public key for it?
On 22-Jan-21 01:20, Michael Richardson wrote:
> Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote:
> >> While ULAs and privacy enhanced addresses have important uses for
> >> individual privacy, when it comes to non-moving business/enterprise
> >> infrastructure, audit and accountability is much more important, and
> >> ULA-R does not satisfy that.
>
> > How is that problem solved today for RFC 1918 addresses?
>
> It's not.
If ULA usage is validated by a public key, that might appear to support audit and accountability, but only if there's a third-party guarantee of uniqueness. I think Michael has an important point here. A self-assigned ULA prefix has no more legal significance than a Net 10 address.
Regards
Brian
