[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Tunnel fragmentation/reassembly for RRG map-and-encaps architectures




[Multi-reply...]

On Jan 16, 2008, at 8:10 AM, Noel Chiappa wrote:

My advice to the LISP people was that they didn't need to implement this security stuff in any prototype implemenatations they were doing (where manpower is limited, and the chief concern is trying to get some real-world data on things like delays, unforseen operational issues, etc), because it doesn't change the fundamentals of the operation at all; it's just security
sugar layered over everything.

However, it has all been thought through and worked out, to make sure that
the basic architecture they are trying out *is* securable.


As you mentioned elsewhere, there is no progress without pain. One of those pain points is that security is now a much more stringent requirement today than it was previously, and having proven, deployed security mechanisms as part of a proposal would seem to be a Very Good Thing, IMHO. Just having the claim that something is securable is only going to hold so much water and will definitely attract skeptics.



On Jan 16, 2008, at 8:33 AM, Brian Dickson wrote:
We don't need to reinvent the wheel, IMHO - just take advantage of the dnssec.


That would be fine by me. However, DNSsec has been awaiting deployment for about a decade now. I'm not hopeful that this is going to happen anytime soon.

More generally, my friends in the security and operations communities point out that, in general, approaches with a full blown PKI infrastructure are simply too heavyweight to be pragmatically deployable. There are simply too many interdependencies. Their strong suggestions point much more towards pairwise security and/or web-of-trust approaches (ala PGP).


On Jan 16, 2008, at 2:11 PM, Brian Dickson wrote:
There's two distinct things:
1) how to *publish* the data;
2) how to *serve* the data

Both need to be secure to be trustworthy.


Is this really true? Does serving the data truly need to be secure as long as the data is authentic, accurate, timely, etc.?

If we can avoid securing the mapping transport layer, it would be a very big win.

Tony


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg