[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security Module for shim6 or hip really

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: Security Module for shim6 or hip really
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Date: Mon, 31 Jul 2006 12:44:32 +0300
Cc: Jari Arkko <jari.arkko@piuha.net>, shim6-wg <shim6@psg.com>
In-reply-to: <E1F1044B-39EF-4F65-8914-41AADE245DDA@muada.com>
References: <816DD9299957E547B5D758D7F977D6DC338047@tayexc14.americas.cpqcorp.net> <55D0ED5D-20B0-4456-AC74-6B998A054EA9@muada.com> <44CD1D70.4050202@piuha.net> <8ae35d23ababce16164312dea8d2e50c@it.uc3m.es> <E1F1044B-39EF-4F65-8914-41AADE245DDA@muada.com>


El 31/07/2006, a las 12:14, Iljitsch van Beijnum escribió:

On 31-jul-2006, at 9:31, marcelo bagnulo braun wrote:
First, it is customary to require a mandatory to implement
security mechanism for IETF specs. Without this, there will be very
little interoperability. But it doesn't rule out pluggable security
mechanisms, just that one of them has to be mandatory.
Well, if people feel the patent issues with CGA/HBA are such that theycan't implement those, should we prohibit them from implementing shim6altoghether? That doesn't make too much sense...
moreover, i think it would be interesting to understand how theprotocol would behave, if for instance, one end supports only HBA andthe other end only supports CGA (or other two different securitymechanisms)
And: it's possible that an implementation supports a certain securitymechanism for authenticating its own stuff but not for checking theauthentication of the other side,


i am not following this...

a host don't need security to check its own locator set, we assume thatit has some local means to verify which its own locators are... (but iguess this is not what you were thinking about...)

so afaict, a host only need security means to verify the peers locatorset

or the other way around. So we need to exchange capabilities for bothsend and receive.
(the reception of packet is done solely based on the context tag, soit doesn't matter which source locator is used).
I don't like this assumption...

why not? this results in similar security that the currentnon-multihomed-IP and it simplifies considerably the processing ofincoming packets...

perhaps one option would be to include something like the LocatorList Option in the ack message where the receiver of the updatemessage can ack each locator separately and also specify the reasonwhy it doesn't ack a given locator (including a code for validationmethod not supported)
Does it make sense to have different authentication mechanisms fordifferent locators?


well, i think so

suppose you have a CGA/HBA address

you can use the HBA mechanisms to move among a stable set of locatorsand you can use the CGA method to add new locators that were notpresent initially to the locator set


Regards, marcelo

Iljitsch

Follow-Ups:
- Re: Security Module for shim6 or hip really
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

References:
- Security Module for shim6 or hip really
  - From: "Bound, Jim" <Jim.Bound@hp.com>
- Re: Security Module for shim6 or hip really
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: Security Module for shim6 or hip really
  - From: Jari Arkko <jari.arkko@piuha.net>
- Re: Security Module for shim6 or hip really
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: Security Module for shim6 or hip really
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
Next by Date: Re: Security Module for shim6 or hip really
Previous by thread: Re: Security Module for shim6 or hip really
Next by thread: Re: Security Module for shim6 or hip really
Index(es):
- Date
- Thread