[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New multi6 draft: WIMP

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: New multi6 draft: WIMP
From: Jukka Ylitalo <jukka.ylitalo@nomadiclab.com>
Date: Mon, 16 Feb 2004 13:17:27 +0200
Cc: Erik Nordmark <Erik.Nordmark@sun.com>, Multi6 List <multi6@ops.ietf.org>
In-reply-to: <BAE72F2A-605B-11D8-B5AA-000A95CD987A@muada.com>
References: <Roam.SIMC.2.0.6.1076914219.15343.nordmark@bebop.france> <BAE72F2A-605B-11D8-B5AA-000A95CD987A@muada.com>
User-agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20040114

Iljitsch van Beijnum wrote:

On 16-feb-04, at 7:50, Erik Nordmark wrote:

I don't see why this is a problem when 1) the signalling protocol (which advances the hash element to use/reveal) has at most one outstanding operation

I think this is harder than it would at first glance seem. For instance, if a MitM can trigger both ends to start an exchange at approximately the same time.

This is why I chose to exchange a key in cleartext in my ODT draft in the absense of strong authentication.

Hi Iljitsch,

The ephemeral IDs of the initiators protect the hosts in the case they start the exchange at the same time. In other words, it is not possible that two initiator's have identical hash chains and common context in both end-points.

If I didn't give an answer to the problem, could you elaborate the scenario.
(I am currently reading your ODT draft.)

Thanks, Jukka

References:
- Re: New multi6 draft: WIMP
  - From: Erik Nordmark <Erik.Nordmark@sun.com>
- Re: New multi6 draft: WIMP
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: RE: CELP (was RE:)
Next by Date: HIP firewalling
Previous by thread: Re: New multi6 draft: WIMP
Next by thread: Re: New multi6 draft: WIMP
Index(es):
- Date
- Thread