[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/ Notes)



Ohta-san,

As so many times before, I am getting tired, since
this discussion is getting more or less ridiculous.
But that may be my fault, of course.

The id/loc mapping itself needs some kind of protection,
For most mapping, cookie is the protection.
For mobility mapping, the protection should use shared secret.
Depending on the definition of cookie, I may agree.
Depending on how you get the shared secret, I may agree.

Hence, please be more specific.  And please explain in
detail how you *bootstrap* the system.
It is of course that cookie is exchanged with three way handshake
and the shared secret is shared OOB.
It is good that you think that we need a 3-way handshake
for a cookie.  There we may agree.

Assuming a shared secret, exchanged OOB, between any two
arbitrary hosts in the Internet, is, well, interesting.
But apparently you are not claiming that.

Note that the shared secret is necessary only between HA and
MH (rest is done by cookie) that the secret is shared when
MH owner asks HA service to the administrator of the HA and
configured to MH when a HA address is configured.
What is a HA in a multi-homing situation?  Are you assuming
some kind of infrastructure at the Internet, i.e. outside
of the multi-homed network?  If so, you open up the space
for zillions of interesting solutions, most of which have
very interesting single-point-of-failures or bottlenecks.
And even in the simple case bootstrapping the shared secret
between the multi-homed host and the infrastructure may
turn out much more challenging than what you seem to assume.

--Pekka