
Re: Minutes / Notes



Kurt;

> >> b) Introducing loc / id separation will require mapping, one way or
> >> the other.
> >
> > Wrong. The separation requires that a host know id and locators of
> > its peer with reasonable security.
> 
> That is a mapping state in itself.

It is a state. You can call it a mapped state. But, there is no
mapping service required.

That no service is required means no additional security is required.

> >> This introduces new bindings that need to be secured.
> >
> > The separation requires that a host know id and locators of its
> > peer with reasonable security. An initial packet of a connection
> > containing all of them is just secure.
> 
> That is as secure as the trust relationship of the creator of the
> packet.

Exactly.

That is, the statement:

> >> This introduces new bindings that need to be secured.

is wrong and the existing bindings have certain security which
is just enough for weak security.

HIP, having no trust relationship between the creators of the initial
packets, for example, means no better security, even though HIP
tries to, in vain, cryptographically maintain identity of the creators.

							Masataka Ohta