
RE: Identifiers



Hi Iljitsch,

[...]

> Personally, I think the best choice would be to remain agnostic about
> the identifier issue for now, but build our negotiation protocol such
> that they can be added easily later. For now, we build a "no
> identifier" type solution. Solving the problem of how a correspondent
> proves ownership of an identifier can then be deferred until such time
> that someone actually wants to extend the multi6 solution to support
> identifiers. So the only thing we have to do now is make sure the
> protocols are flexible enough to allow such extensions.
>
> Thoughts?

I am sorry, but I fail to understand what the usage for such a protocol would be.
I mean, until you provide the security features, we cannot deploy the
protocol, since it would be unsafe to adopt it, so what's the point of
having it defined?
Moreover, if you try to define a protocol that is general enough to support
all the different authentication mechanisms, I guess it will be more complex
than a protocol that actually relies on a defined mechanism.
I agree that the issue right now w.r.t. preserving established
communications is about choosing a security mechanism, so IMHO if we want to
provide a solution for this problem we will have to make up our minds and decide
something on how to do this.
I guess that the architectural analysis is conceived to provide the required
background to make such a choice.

But perhaps I misunderstood your proposal?

Regards, marcelo
