[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft multi6 minutes

To: Brian E Carpenter <brc@zurich.ibm.com>
Subject: Re: Draft multi6 minutes
From: Jari Arkko <jari.arkko@piuha.net>
Date: Wed, 01 Dec 2004 19:11:29 +0200
Cc: Erik Nordmark <erik.nordmark@sun.com>, Tim Shepard <shep@alum.mit.edu>, Multi6 <multi6@ops.ietf.org>
In-reply-to: <41ADA35C.3000008@zurich.ibm.com>
Organization: None
References: <E1CZ9YJ-00077y-00@alva.home> <41ACB5D5.7040902@sun.com> <41ADA35C.3000008@zurich.ibm.com>
Reply-to: jari.arkko@piuha.net
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040316

Brian E Carpenter wrote:

Also, whether HBA is better or worse than PK crypto isn't quite the
point for me (chair hat off). As long as HBA is strong enough, the
fact that it doesn't require any kind of PKI is an enormous benefit.
Multihoming needs to work between any arbitrary pair of hosts, and doing
that without PKI is an enormous win.


A small clarification may be appropriate here. We do not
have a PKI (= Public Key *Infrastructure*) proposal on
the table. The only thing we have on the table is a
proposal which uses at least symmetric key crypto and may
also use public key crypto. However, both modes are very
similar from the 10.000 ft perspective: both are
completely zero-config and neither one requires any
other nodes besides the multihomed node to work. The only
difference is in the cryptographic formulas and some
flexibility. So no infrastructure involved or needed.

The way that I understand Tim's comment was
that he was asking (1) whether the benefits of
symmetric-only mode are useful if you in any
case may have to do some of the Sec calculations,
which add to the CPU cost of the scheme when
creating addresses, and (2) whether the 2^59
difference between defenders and attackers is
useful. Erik responded well to the latter question,
and I don't have much to add.

The first question is valid, however. But you have
to remember that the Sec scheme is only built for
the future -- right now we don't feel it needs to
be turned on. So there is an immediate benefit to
MULTI6 users. YMMV regarding the value of that
benefit. Personally, I think it is good bang for
the buck, considering that it does not increase the
complexity more than a little -- even if current
equipment such as cell phones can already handle
PK crypto well.

But as explained above, the benefit that symmetric key
crypto has to do with CPU cost, NOT with the requirement
for any infrastructure.

--Jari

References:
- Re: Draft multi6 minutes
  - From: Tim Shepard <shep@alum.mit.edu>
- Re: Draft multi6 minutes
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: Draft multi6 minutes
  - From: Brian E Carpenter <brc@zurich.ibm.com>

Prev by Date: Re: mumti6dt drafts as WG drafts?
Next by Date: Re: Mini WGLC draft-ietf-multi6-multihoming-threats-02.txt
Previous by thread: Re: Draft multi6 minutes
Next by thread: mumti6dt drafts as WG drafts?
Index(es):
- Date
- Thread