[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)

To: Arifumi Matsumoto <arifumi@kuis.kyoto-u.ac.jp>
Subject: Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
From: marcelo bagnulo <marcelo@it.uc3m.es>
Date: 25 Jun 2003 18:32:01 +0200
Cc: fujikawa@i.kyoto-u.ac.jp, multi6@ops.ietf.org
In-reply-to: <20030625124606.72495f7c.arifumi@kuis.kyoto-u.ac.jp>
References: <200306200036.JAA10113@necom830.hpcl.titech.ac.jp><BF93B24E-A33B-11D7-9791-000393A638B2@kurtis.pp.se><3wwufdp8j9.wl@bmdi2216.bmobile.ne.jp> <1056384603.516.22.camel@presto><20030624164728.1d59f85a.arifumi@kuis.kyoto-u.ac.jp> <20030625124606.72495f7c.arifumi@kuis.kyoto-u.ac.jp>

On Wed, 2003-06-25 at 05:46, Arifumi Matsumoto wrote:
> Hi,
> 
> > > Another question is related to security, i.e. how do you authenticate
> > > the addresses actually belong to the node that is claiming its
> > > ownership? This is a very important and difficult issue as far i can
> > > tell, and it should be addressed.
> > 
> > This is also mentioned in the LIN6's draft above. In LIN6
> > layer, address information are exchanged and updated in
> > a secure manner using cookies exchanged through a location
> > query to the MA.
> 
> I made a mistake at this point. This issue hasn't yet
> mentioned in this draft. But note that this simple
> cookie authentication mechanism has already implemented

I do not know what do you mean by simple, but i would say that security
issues related to multi-homing are very relevant and i am not sure that
a so simple solution would do the job. Check the mobileip security
issues which are addressing somehow related problems.

> in LIN6 so that every LIN6 node can notify his addresses to
> his correspondent securely.
> There is a paper on this cookie authentication mechanism 
> submitted by LIN6 developers. But, unfortunately, this is
> in japanese only.
> 
> I'm not sure whether the LIN6 draft will be updated or not.
> 
I guess that this would be a problem for your draft, especially if the
solution relies on LIN6 undocumented security features (at least not
documented in English :-) since we will not be capable to understand the
security implications.


Regards, marcelo

> --
> Arifumi Matsumoto
>

References:
- Re: Call for presentations
  - From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
- Re: Call for presentations
  - From: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
- Re: Call for presentations
  - From: FUJIKAWA Kenji <fujikawa@i.kyoto-u.ac.jp>
- About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
  - From: marcelo bagnulo <marcelo@it.uc3m.es>
- Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
  - From: Arifumi Matsumoto <arifumi@kuis.kyoto-u.ac.jp>
- Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
  - From: Arifumi Matsumoto <arifumi@kuis.kyoto-u.ac.jp>

Prev by Date: Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
Next by Date: Re: about draft-ohira-assign-select-e2e-multihome-00.txt (was :Re: Call for presentations)
Previous by thread: Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
Next by thread: Re: About draft-arifumi-lin6-multihome-api-00.txt (was Re: Call forpresentations)
Index(es):
- Date
- Thread