[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cb64



On 29-jun-04, at 10:43, Erik Nordmark wrote:

But the protocol can still defer the public key operations until the first
locator change as far as I can tell.

But then this locator change wouldn't be protected by the key, so what's the point of having it? To provide proof that the third locator belongs to the same entity as the second locator?


I think it's essential to exchange _something_ that allows the other side to recognize its correspondent after a rehoming event before such a rehoming event happens (for the first time). Still, this doesn't have to be a very heavy-weight thing: transmitting some kind of hash would be enough, later this hash value can be used to authenticate a full key or hash chain. A good way to do this is would probably be in an extension header or end-to-end option in one of the early packets (not in the first one because it will delay session establishment if a firewall rejects the packet with the option, and we don't want to create state before return routability is established to avoid being too easily DoSable).