Paul Vixie wrote:

> i realized in that moment, that ULA-G (and therefore ULA-C) is not an
> end run around PI space, it's an end run around the DFZ. some day, the
> people who are then responsible for global address policy and global
> internet operations, will end the "tyranny of the core" by which we
> cripple all network owners in their available choices of address
> space, based solely on the temperamental fragility of the internet's
> core routing system. but we appear not to be the generation who will
> make that leap.

Mumble.

It's hard for me to buy the idea of there not being a "core" portion of the Internet from which all public addresses are reachable. But I can imagine a world in which there are industry-specific cores, "mini-cores" if you will, that aren't part of the public Internet (in that they are not reachable in general from networks that aren't connected to that mini-core) but which provide reachability between parties within a particular industry.

For instance, I could imagine the banking industry having a mini-core that facilitated transactions between banks, and there being another mini-core to facilitate transactions between automobile manufacturers and their parts suppliers, and another mini-core that served to connect retail chains with their product suppliers.

A business could connect to multiple mini-cores. And part of the purpose of these mini-cores would be to let businesses with mutual interest in connecting, connect without having to arrange bilateral private interconnection, and still have their b2b machines isolated from the public network.

All of those mini-cores could, in principle, exchange advertisements of reachability to ULA prefixes, or for that matter other kinds of prefixes.

Most of the businesses that had presence on those mini-core networks would also have presence on the public Internet for public web access, email, etc., and they would need public prefixes for that. And it might even be the case that those applications that offered services to the public would be tolerant of renumbering.

What bugs me is that I think that the existence of mini-cores (or more generally, a large number of private interconnections between networks using ULA prefixes) leads to a world where it becomes important to have a particular kind of source address to talk to a particular kind of destination address, and in which applications are expected to choose the right source address in order to talk to a particular kind of destination address. So the source addresses available to a particular host end up being like a keyring. I don't think that's a good burden to put on apps, and I don't think that using addresses like authentication tokens is a good way to go.

Keith