[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Modified CGAs? [Re: about Wedgelayer 3.5 / Fat IP approaches]



marcelo bagnulo braun wrote:

El 30/06/2004, a las 17:29, Brian E Carpenter escribió:



CGAs have other downsides for multihoming, too.


such as?



<chair hat off>


I really don't want to start a discussion here about cryptographic
strength, but my objection to CGAs in the multi6 context is that they
include the /48 prefix in the hash, and that is variable in multi6,
which means that the host ID changes when you change prefix. I think
that's an unfortunate property because it eliminates some possible
tricks in the ID/locator split.


Well, probably it is my fault for using the wrong terminology, but i was considering cgas as a concept rather than the specific approach followed by the send wg.
for instance you can consider the cb64 draft or even the ideas discussed between Iljitsch and Jari about including all the prefixes or some other workarounds.


My point was basically that having a string that it can be used as a valid locator and that it also has a crypto nature would provide several benefits, since it enables a way to prove its ownership and apps can treat it as a regular ip address

Makes more sense?

Yes, and my first thought on reading the SEND CGA draft was that a very simple modification to CGAs - not including the /48 in the hash - would make them suitable for multi6 and still make the attacker's problem sufficiently hard (2^80).

On another point elsewhere in this thread, my assumption has always
been that the need for uniqueness applies only to {prefix + subnet + CGA}

Brian


regards, marcelo


PS: it is clear that if we are going to use one locator as ULP id, the id will have to change when renumbering, the benefit of this, is that apps still handle ip addresses and that most of their assumptions still hold.

Brian