Re: Identifiers
Francis Dupont wrote:
>
> In your previous mail you wrote:
>
> Our problem is not ownership. It is surviving changes in existing
> connectivity without opening the door to hijacking or DoS. All we need
> to authenticate is that after a multihoming event, we are still
> talking to the same entity at the other end.
>
> => this is a different problem: the binding between the identifier and
> the locators and we can divide it into three parts:
> - can the multi-homing signaling be modified by an attacker on the path?
> - do we have to trust the peer not to give a fake locator?
> - do we have better properties about locators?
> As in multi-homing we have static locators, even the last part can be
> a reasonable goal.
> But the subject of this thread is "Identifiers" so I don't understand
> your intent...

My intent is to observe that for the problem this WG is supposed to
solve, we don't care whether the claimed identifier at the beginning
of a session is genuine. What we care about (rather like TLS) is whether
the two communicating entities remain the same even if the session suffers
a rehoming event. I don't think we are disagreeing.

Brian