[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Identifiers & Security Associations



>I'm only concerned about how to get there from here without a deployment >problem

If you give ISPs as well as all end users a number of id's to name interfaces and such, there might be no need to change sw in hosts. Routers will get their own names too. Host Name + Router Name + Router Locator = IP Address as it is today. Hence there is no need to change the routing. I.e. what is left is to provide a flat names' set and a separate hierarchical locators' set, right?

Thank you,

Peter




--- On Sun, 5/25/08, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:

> From: Brian E Carpenter <brian.e.carpenter@gmail.com>
> Subject: Re: [RRG] Identifiers & Security Associations
> To: "Randall Atkinson" <rja@extremenetworks.com>
> Cc: "IRTF Routing RG" <rrg@psg.com>
> Date: Sunday, May 25, 2008, 9:45 PM
> On 2008-05-26 12:49, Randall Atkinson wrote:
> > Earlier, Brian Carpenter wrote:
> ...
> > % In that role it could of course be replaced by some
> ID inserted
> > % at a level above IP (as it is in IPSEC over UDP, in
> effect), but we
> > % have to provide that at the same time as
> architecturally removing
> > % e2e addressing. And if you do that *except* by
> inserting an alternative
> > % 32 or 128 bit e2e quantity that looks just like an
> IP address, you
> > % create unthinkable amounts of disturbance to upper
> layer running code.
> > 
> > That claim is NOT obvious to me.
> 
> ...
> > Perhaps you were thinking of some security approach
> other than
> > IPsec or SSL/TLS ??
> 
> I think we don't know. Certainly the known cases are
> IPsec and TLS.
> We could trawl in RFCs 3789 through 3796 for others, but
> that wouldn't
> catch non-IETF protocols.
> 
> Note, I *fully agree that "good non-topological
> identifiers" are
> what we should use; I'm only concerned about how to get
> there from
> here without a deployment problem that is just as hard as
> the IPv6
> deployment problem.
> 
>    Brian
> 
> --
> to unsubscribe send a message to rrg-request@psg.com with
> the
> word 'unsubscribe' in a single line as the message
> text body.
> archive: <http://psg.com/lists/rrg/> &
> ftp://psg.com/pub/lists/rrg


      

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg