Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/ Notes)



Pekka;

> As so many times before, I am getting tired, since
> this discussion is getting more or less ridiculous.
> But that may be my fault, of course.

That, seemingly, is because you are agreeing with me.

> > It is of course that cookie is exchanged with three way handshake
> > and the shared secret is shared OOB.
> 
> It is good that you think that we need a 3-way handshake
> for a cookie.  There we may agree.
> 
> Assuming a shared secret, exchanged OOB, between any two
> arbitrary hosts in the Internet, is, well, interesting.
> But apparently you are not claiming that.

So, there is no disagreement.

> > Note that the shared secret is necessary only between HA and
> > MH (rest is done by cookie) that the secret is shared when
> > MH owner asks HA service to the administrator of the HA and
> > configured to MH when a HA address is configured.
> 
> What is a HA in a multi-homing situation?

Good question.

> Are you assuming
> some kind of infrastructure at the Internet, i.e. outside
> of the multi-homed network?

Not at all.

HA is a server serving mobile hosts.

As is stated in my presentation of e2emh:

	IPv4 home agent is an end system

		provided by end users, just as WWW servers

		Foreign agent is intelligence in the network

HA is an end system, a server host, and does not belong to an
infrastructure of the Internet, just as WWW servers do not
belong to the infrastructure.

Thus, HA in a multi-homed site, of course, has multiple locators.

In addition, a mobile host may be served by multiple HAs.

It is already designed, implemented and running.

> If so, you open up the space
> for zillions of interesting solutions, most of which have
> very interesting single-point-of-failures or bottlenecks.
> And even in the simple case bootstrapping the shared secret
> between the multi-homed host and the infrastructure may
> turn out much more challenging than what you seem to assume.

So, there is no disagreement.

						Masataka Ohta