
Re: MAST and mip based solution



>
> About mip for multi-homing.
> Yes, mip has some issues when trying to use it for multi-homing.
>
> If you assume that an end-host solution is required (I include here
> solutions that use some form of proxy in the site's network), you will find
> that it is very difficult to provide a solution that doesn't introduce new
> security issues.

[deleted down to ]

> The other option is to use a solution that is not as secure as we would
> like.

This is only my opinion, but I would expect we would get more
simplification from dropping the requirement to support simultaneous
movement at both ends than we would from relaxing security - the
requirement for a rendezvous function in the network comes from
simultaneous movement, and that gives us dependencies on network
infrastructure changes.

The vast majority of today's mobile ("portable") users have TCP
connections on IPv4 devices that break when they cross subnet
boundaries. Supporting movement at one end would be an improvement.
Supporting simultaneous movement at both ends would be lovely, but so
far, we haven't widely deployed a solution that provides that
capability. Meanwhile, they continue to run client-server applications
with short connection lifetimes because that's what works in today's
networks.

End-to-end MAST really could help us move to peer-to-peer applications
in many, but not all, environments. MIP is certainly a more complete
solution, and I'm not bashing MIP here, only suggesting that MAST may
really have a role for multihoming support, without reducing security.
MAST or HIP? I think that's the question for multihoming.

Just my opinion here, and not all that clearly thought out...

Spencer
