[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Date: Wed, 19 Jul 2006 15:39:12 +0300
Cc: shim6-wg <shim6@psg.com>
In-reply-to: <3786BE5A-CEDF-40D7-A5AF-E742890E176A@muada.com>
References: <816DD9299957E547B5D758D7F977D6DC29D709@tayexc14.americas.cpqcorp.net> <16450eebc1c7e73684d031441e20b5c8@it.uc3m.es> <3786BE5A-CEDF-40D7-A5AF-E742890E176A@muada.com>

Hi Iljitsch,

El 19/07/2006, a las 15:30, Iljitsch van Beijnum escribió:

On 19-jul-2006, at 11:57, marcelo bagnulo braun wrote:
As i understand it, the only way to make the shim6 security based onIPSec is to assume that a global PKI is deployed, including clientcertificates (i.e. not only server certificates) so that it ispossible to secure any-to-any communication.
From what i understand such global pki is not in place yet and itdoesn't looks like it will be anytime soon if ever. So, i reallydon't think it is reasonable to build the security on the shim6relying on such global pki deployment
does anybody think that it would be acceptable to build the shim6security based on the assumption of a global PKI deployment?
Note that server certificates are relatively widespread, hence mysuggestion to adopt TLS as an alternative security mechanism inaddition to HBA.

server certificate are more widely used than client certificatesindeed, but in the case of the shim6 we need certificates for bothends, so what do we do for securing the client?

besides, currently deployed certificates provide binding between FQDNsand public key.... while in the shim6 we need binding between IPaddresses and public keys, meaning than currently deployed certificatesare not good (at least not in the general case and additionalassumptions about the existance of a FQDN is needed and the associatedimplications...)

in addition, using certificates and public key crypto is much moreexpensive than CGAs, since they would involve public key operations notonly for the validation of the locator set (as in CGA) but also for thevalidation of the certificates themselves (and this costs grows if thecertification chain is long). In addition, there is the overhead due tothe transmission of the certificates in the protocol itself, includingall the certificates in the cert chain, which may even not fit in asingle packet so we may end up neededing to send multi-packet messages.

and all this for every shimmed communication....

i thought that one of the key goals in the shim6 design wasefficiency.... such an approach would really move us apart from theefficiency path...

regards, marcelo

It would be helpful to determine whether we as a wg want this or not.
Obviously it's also possible to use IPsec rather than TLS but I don'tsee how this would benefit us greatly and IPsec has proven hard todeploy until now.

Follow-Ups:
- Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

References:
- RE: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
  - From: "Bound, Jim" <Jim.Bound@hp.com>
- Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
Next by Date: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
Previous by thread: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
Next by thread: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
Index(es):
- Date
- Thread