
Re: About AID security (was Re: Question re HIP dependency & some architectural considerations)



But this locally generated AID does not support referrals of any kind, right?

Right.

... relying on IP addresses for access control is silly. Hence, I would
not worry *too* much about it.

Okay, but suppose that the multihoming solution is based on CGAs, in order to be secure and backward compatible at the same time. Then wouldn't it make sense to make ACLs based on CGAs?

Well, only for backwards compatibility. CGAs will be inherently less secure than the public keys themselves. Hence, most probably it would make sense to store either the public keys or longer-than-CGA hashes of the public keys in the ACL.

If we design a solution that provides CGAs, we are providing the apps
with a secure-enough AID, so they can start using it as an identifier
for authorization and so on. ...

I think the goal and means you mention is fine for backwards compatibility,
provided that the CGA related IPR issues can be resolved. Personally,
I'd like to see that happening, but I am not ready to again fight the
IPR battle within Ericsson. Somebody else must take care of that this
time if the WG would like to see that happen.


[I mean if we move to the hip plane, HITs are suitable to be used as
identity tokens to perform authorization by apps, do you think that
apps will start using the HIT or they will move to the HI directly?]

That question belongs to the HIP-RG list, not here, and I'll redirect my answer to that there.

Bottom line, is that if we provide a transition tool such as the CGA
(which provides security to some degree), this may be an obstacle to
moving towards the "real" identifier later on.

Well, everything finally depends on your time scale. I don't believe a few years' or even 10 years' delay is necessarily a bad thing... And as long as CGAs remain secure enough (and there will be a time when they are no longer) I'm happy if people use them.

--Pekka
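As an added example (not code from this thread or from any multi6/HIP implementation), here is a simplified RFC 3972 CGA derivation next to the two ACL styles discussed above: an ACL keyed on the CGA itself binds only the 59 Hash1 bits that survive in the interface identifier, whereas an ACL keyed on a full SHA-256 fingerprint of the public key binds the whole key, which is the reason for preferring the key or a longer hash in the ACL. It assumes Sec=0 (the Hash2/modifier search for Sec>0 is omitted) and uses constructed key bytes, a fixed modifier and the 2001:db8::/64 documentation prefix.

```python
import hashlib

# Added illustration with Sec=0; the Hash2 / modifier search for Sec>0 is omitted.

def cga_interface_id(modifier: bytes, prefix: bytes, collision_count: int,
                     pubkey: bytes, sec: int = 0) -> bytes:
    """Hash1 = leftmost 64 bits of SHA-1(modifier | prefix | count | key).
    The three leftmost bits are overwritten with Sec and bits 6 and 7 (u/g)
    are cleared, so only 59 bits of Hash1 remain in the identifier."""
    assert len(modifier) == 16 and len(prefix) == 8 and 0 <= sec <= 7
    hash1 = hashlib.sha1(modifier + prefix + bytes([collision_count]) + pubkey).digest()
    iid = bytearray(hash1[:8])
    iid[0] = (iid[0] & 0x1C) | (sec << 5)   # keep bits 3-5, set Sec, clear u/g
    return bytes(iid)

def make_cga(modifier, prefix, collision_count, pubkey, sec=0) -> bytes:
    return prefix + cga_interface_id(modifier, prefix, collision_count, pubkey, sec)

def verify_cga(address, modifier, collision_count, pubkey) -> bool:
    """RFC 3972 section 5 style check: recompute the address from the claimed
    parameters, reading prefix and Sec from the address itself."""
    prefix, sec = address[:8], address[8] >> 5
    return address == make_cga(modifier, prefix, collision_count, pubkey, sec)

def key_fingerprint(pubkey: bytes) -> str:
    return hashlib.sha256(pubkey).hexdigest()

def allowed_by_cga_acl(acl: set, address, modifier, count, pubkey) -> bool:
    # Authorization keyed on the address: the binding to the key is only 59 bits.
    return verify_cga(address, modifier, count, pubkey) and address in acl

def allowed_by_key_acl(acl: set, address, modifier, count, pubkey) -> bool:
    # Same address check, but authorization keyed on the full key fingerprint.
    return verify_cga(address, modifier, count, pubkey) and key_fingerprint(pubkey) in acl

# Constructed sample inputs (documentation prefix 2001:db8::/64, fixed modifier).
SAMPLE_KEY = b"\x30\x82" + bytes(range(64))        # stand-in for a DER-encoded key
OTHER_KEY = b"\x30\x82" + bytes(range(64, 128))    # a different key
SAMPLE_MODIFIER = bytes(16)                        # RFC 3972 uses a random modifier
SAMPLE_PREFIX = bytes.fromhex("20010db800000000")

def demo():
    addr = make_cga(SAMPLE_MODIFIER, SAMPLE_PREFIX, 0, SAMPLE_KEY)
    return (verify_cga(addr, SAMPLE_MODIFIER, 0, SAMPLE_KEY),           # True
            verify_cga(addr, SAMPLE_MODIFIER, 0, OTHER_KEY),            # False
            allowed_by_cga_acl({addr}, addr, SAMPLE_MODIFIER, 0, SAMPLE_KEY),
            allowed_by_key_acl({key_fingerprint(SAMPLE_KEY)}, addr, SAMPLE_MODIFIER, 0, SAMPLE_KEY))
```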