[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security Module for shim6 or hip really
A suggestion proposed at the Montreal IETF SHIM6 WG meeting was to treat
the security of ULIDs as module (abstractly speaking) for SHIM6 where
the user or implementer can plug in different solutions. We would
abstract out ULID processing for security so that multiple solutions
could be used. Each solution would be its own IETF draft specification
and IETF discussion with close collaboration with the IETF Security
Area. I think this would be doing proper engineering diligence for this
problem and we can explore HBA, TLS, IPsec and even other options. This
also would permit the shim6 spec to move forward and provide a security
note in the spec and avoid the in process IPR debate for CGA.
Thoughts?
/jim