[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006



On 23-jul-2006, at 17:20, Francis Dupont wrote:

=> HBAs are weaker than CGAs (which provide ownership using the signature),
and than standard strong authentication (using some kind of PKI).
Without the hash extension IMHO they would be too weak,

Too weak for what?

I would be interested to learn what kind of attacks that could be carried out on the internet as we know it today you feel HBA could be vulnerable to.