[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: addition of TLV to locator ID or locator ID set

To: Erik Nordmark <erik.nordmark@sun.com>
Subject: Re: addition of TLV to locator ID or locator ID set
From: Paul Jakma <paul@clubi.ie>
Date: Mon, 3 Oct 2005 21:02:49 +0100 (IST)
Cc: shim6-wg <shim6@psg.com>, Iljitsch van Beijnum <iljitsch@muada.com>
In-reply-to: <4341716D.6080704@sun.com>
Mail-copies-to: paul@hibernia.jakma.org
References: <Pine.GSO.4.20.0509221614300.28499-100000@meno.corp.us.uu.net> <Pine.LNX.4.63.0509230228280.3483@sheen.jakma.org> <433986D8.1080603@zurich.ibm.com> <Pine.LNX.4.63.0509281225470.3722@sheen.jakma.org> <599A3AB3-F21C-4E51-B705-101AC56DA569@tony.li> <EBB90B1D-5643-4CB7-BA1F-3701ADABC011@muada.com> <35E4CEA9-5D03-4F52-8394-E8E74B08F670@tony.li> <01a901c5c479$40af14b0$8b010a0a@china.huawei.com> <433BCDCD.2020401@zurich.ibm.com> <Pine.LNX.4.63.0509291332290.3722@sheen.jakma.org> <433C2B37.106@sun.com> <Pine.LNX.4.63.0509302106470.11479@sheen.jakma.org> <1b0d973b0bf507b3e238adfbc0f04725@it.uc3m.es> <Pine.LNX.4.63.0510021632580.11479@sheen.jakma.org> <952e6116b66282481d0589f3e82e465c@it.uc3m.es> <Pine.LNX.4.63.0510030859000.11479@sheen.jakma.org> <A2A9BD5D-4BF6-4351-B0B2-AD65FF85CDD5@muada.com> <Pine.LNX.4.63.0510031333220.11479@sheen.jakma.org> <4341716D.6080704@sun.com>

On Mon, 3 Oct 2005, Erik Nordmark wrote:

There is a qualitative difference between the various leap-of-faithsecurity schemes (ssh being one example, I think BTNS is talking ofadding the same thing to IPsec), and HBA/CGA as it comes tosecuring the locator changes in shim6.

Surely we ought to distinguish CGA from HBA here? Only HBA provides aunique mapping. CGA is just 'anonymous' public key crypto, as IPSecis. IPSec at least does /allow/ for key exchange schemes other thananonymous keys, like X.509 cert chains, GSS-API, etc.

Thus in effect, the leap-of-faith provides a first-come-first-serveapproach to anybody wanting to claim an IP address as theirs.


Yep.

Compare this with using HBA.
With HBA Alice and Cesar will create the IPv6 address(es) as a hash of somethings.
Thus the only want Bob can pretend to be Alice (and have the sameIP address) is to use the identical HBA parameter data structure.(This isn't hard, since the parameters are sent in the clear.)

Note that if Bob is not MITM, he can still get Alice's HBA, though itrequires Bob to first communicate with Alice. Eg with some innocentunrelated pretence.

Unlike leap-of-faith schemes, which as part of their nature end upassuming that the first host to connect is who they claim to be,the intrinsic result of having a hash of something in theinterface-id in the address, is that we don't need to make any suchleap of faith. Which means that we can have a lot more flexibilitywhen it comes to handling attackers like Bob above who is on thepath for some amount of the time, but perhaps isn't permanently onthe path.

Yes, it's a very nice property of HBA, I must admit. Though, it doescompletely rule out number portability, seemingly (in terms ofULIDs).

  Erik


regards,
--
Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
Fortune:
When I got up this morning I took two Ex-Lax in addition to my Prozac.
I can't get off the john, but I feel good about it.

Follow-Ups:
- Re: addition of TLV to locator ID or locator ID set
  - From: Erik Nordmark <erik.nordmark@sun.com>

References:
- Re: addition of TLV to locator ID or locator ID set
  - From: "Jason Schiller (schiller@uu.net)" <jason.schiller@mci.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Brian E Carpenter <brc@zurich.ibm.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Tony Li <tony.li@tony.li>
- Re: addition of TLV to locator ID or locator ID set
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Tony Li <tony.li@tony.li>
- Re: addition of TLV to locator ID or locator ID set
  - From: "Spencer Dawkins" <spencer@mcsr-labs.org>
- Re: addition of TLV to locator ID or locator ID set
  - From: Brian E Carpenter <brc@zurich.ibm.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: addition of TLV to locator ID or locator ID set
  - From: Paul Jakma <paul@clubi.ie>
- Re: addition of TLV to locator ID or locator ID set
  - From: Erik Nordmark <erik.nordmark@sun.com>

Prev by Date: Re: addition of TLV to locator ID or locator ID set
Next by Date: I-D ACTION:draft-ietf-shim6-proto-00.txt
Previous by thread: Re: addition of TLV to locator ID or locator ID set
Next by thread: Re: addition of TLV to locator ID or locator ID set
Index(es):
- Date
- Thread