AC> You have a fundamental problem, and this is why neither IPv6 or bootp
AC> are any more secure to these forms of attack. Unless you burn keys
AC> into the roms or onto the disks of hosts by a non IP method you will
AC> never be able to set up the first secure session to learn the others -
AC> you have a problem akin to a PGP web of trust with nobody else to
AC> trust. With IPv6 you can at least theoretically implement IP-ESP
AC> (encryption headers) even on link layer "neighbour discovery" packets.
You'll need those host-local keys in every case, yes. Otherwise you'd have
to fear the man in the middle.
AC> In IPv6 there is local IPv6 rather than ARP thus one day we can crypt
AC> those too.
Which is probably no good idea because the amount of data you crypt
determines the weakness of the key in use. You'd better use the host-local
key to establish some new SPI with your neighbour via some KMP. But the KMP
access will trigger ICMPv6 neighbour discovery traffic. To cope with this
problem you'd have to specify static SPI's between all of your machines
(n*(n-1)), which doesn't scale well. It's all not THAT easy, is it?
Read ya later,...
Ulrich.
PS: See http://www.ibr.cs.tu-bs.de/general/papers/sicherheit-flegel.ps.gz
for further security implications of the IPv6 suite. It's my master thesis
and it's written in german language, so probably it's not an option for all
of you.