[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TASL

To: Brian E Carpenter <brc@zurich.ibm.com>
Subject: Re: TASL
From: Erik Nordmark <Erik.Nordmark@sun.com>
Date: Thu, 5 Aug 2004 16:04:32 -0700 (PDT)
Cc: Multi6 <multi6@ops.ietf.org>
In-reply-to: "Your message with ID" <41126FBB.90407@zurich.ibm.com>
Reply-to: Erik Nordmark <Erik.Nordmark@sun.com>

> Since the protocol exchange is protected by TLS, we are certain
> that no 3rd party has injected bogus locators or been able to
> observe the locator exchange. Thus, whichever host initially
> responded to locator ULID2 is the only one able to send and receive
> news of alternative locators, and only to the host that initially
> used locator ULID1. This seems to cover a lot of the multihoming
> threats.

This assumes that the responder has a certificate?
What is the binding between that certificate and the identity of the
responder? Based on the FQDN matching, or based on having IP address(es)
in the certificate?
Assuming we worry about pre-meditated attacks (aka time-shifting attacks)
we do need a reasonably strong binding between the cert and the responder.

> Note that this is all a one-way solution as far as the ULP is concerned.
> If ULP packets come back from host 2 to host 1, the whole thing is
> repeated independently in the reverse direction.

Does this mean that a separate tls session is established in the reverse 
direction?
Would the initiator of the communication need a TLS certificate?

   Erik

Follow-Ups:
- Re: TASL
  - From: Brian E Carpenter <brc@zurich.ibm.com>

References:
- TASL
  - From: Brian E Carpenter <brc@zurich.ibm.com>

Prev by Date: TASL
Next by Date: Re: TASL
Previous by thread: TASL
Next by thread: Re: TASL
Index(es):
- Date
- Thread