[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: addition of TLV to locator ID or locator ID set

To: Jari Arkko <jari.arkko@piuha.net>
Subject: Re: addition of TLV to locator ID or locator ID set
From: Paul Jakma <paul@clubi.ie>
Date: Mon, 3 Oct 2005 16:30:30 +0100 (IST)
Cc: shim6-wg <shim6@psg.com>
In-reply-to: <43414AF1.7080008@piuha.net>
Mail-copies-to: paul@hibernia.jakma.org
References: <Pine.GSO.4.20.0509221614300.28499-100000@meno.corp.us.uu.net> <433986D8.1080603@zurich.ibm.com> <Pine.LNX.4.63.0509281225470.3722@sheen.jakma.org> <599A3AB3-F21C-4E51-B705-101AC56DA569@tony.li> <EBB90B1D-5643-4CB7-BA1F-3701ADABC011@muada.com> <35E4CEA9-5D03-4F52-8394-E8E74B08F670@tony.li> <01a901c5c479$40af14b0$8b010a0a@china.huawei.com> <433BCDCD.2020401@zurich.ibm.com> <Pine.LNX.4.63.0509291332290.3722@sheen.jakma.org> <433C2B37.106@sun.com> <Pine.LNX.4.63.0509302106470.11479@sheen.jakma.org> <1b0d973b0bf507b3e238adfbc0f04725@it.uc3m.es> <Pine.LNX.4.63.0510021632580.11479@sheen.jakma.org> <952e6116b66282481d0589f3e82e465c@it.uc3m.es> <Pine.LNX.4.63.0510030859000.11479@sheen.jakma.org> <b3c2d68a0895cbfc08febf117b9c619e@it.uc3m.es> <Pine.LNX.4.63.0510031054080.11479@sheen.jakma.org> <ad357836c9f76cf7dedd7cf025607878@it.uc3m.es> <Pine.LNX.4.63.0510031435200.11479@sheen.jakma.org> <43414AF1.7080008@piuha.net>

On Mon, 3 Oct 2005, Jari Arkko wrote:

The answer to this question relates to how much dynamism we want inthe address sets. Also, there may be some feature interactions withsites that want to employ both SEND and SHIM6.

Indeed. SeND and CGA seems very interesting for on-linkauthentication.

Both need an exchange to assure the other party that things are OK,e.g., we need to communicate the values (not just the key) used inthe hashing process.


Right, and the protocol we have for key data exchange is IKE.

At which point you may possibly just want to use IPSec AH to securethe traffic. Would I be correct in thinking that only advantage CGAfor such off-link authentication would be saving packet-data overheadof the AH header?

RFC 3971 is an example of a protocol that does this. This isn'tIKE. (But a lot of people confuse the use of public keys withcertified public keys, PKIs, and configured security. This isn'tthe case for here, however.)

Right, even if you used CGA, you could still use CGA and use IKE forkey data/parameters exchange.


regards,
--
Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
Fortune:
When you have to kill a man it costs nothing to be polite.
		-- Winston Churchill, on formal declarations of war

Follow-Ups:
- Re: addition of TLV to locator ID or locator ID set
  - From: Jari Arkko <jari.arkko@piuha.net>

References:
- Re: addition of TLV to locator ID or locator ID set
  - From: "Jason Schiller (schiller@uu.net)" <jason.schiller@mci.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Brian E Carpenter <brc@zurich.ibm.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Tony Li <tony.li@tony.li>
- Re: addition of TLV to locator ID or locator ID set
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Tony Li <tony.li@tony.li>
- Re: addition of TLV to locator ID or locator ID set
  - From: "Spencer Dawkins" <spencer@mcsr-labs.org>
- Re: addition of TLV to locator ID or locator ID set
  - From: Brian E Carpenter <brc@zurich.ibm.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Jari Arkko <jari.arkko@piuha.net>

Prev by Date: Re: addition of TLV to locator ID or locator ID set
Next by Date: Re: addition of TLV to locator ID or locator ID set
Previous by thread: Re: addition of TLV to locator ID or locator ID set
Next by thread: Re: addition of TLV to locator ID or locator ID set
Index(es):
- Date
- Thread