Re: visibility of identifier in shim6 payload packet

[marcelo bagnulo braun <marcelo@it.uc3m.es>]

El 08/08/2006, a las 15:50, Jari Arkko escribió:

> marcelo bagnulo braun wrote:
>
> > shim without proper security is simply inacceptable. We must provide a
> > security mechanism (at least one) from the start of the shim will not 
> > fly.
>
> I fully agree with this.
>
> > And saying use IPSec in the security considerations section will not
> > fly, because oportunistic IPSec does not make a proper job and pre
> > shared keys and PKI are not feasible in the short term.
>
> The short version of my opinion is that I do
> not see IPsec as a mechanism that satisfies
> the goals of Shim6.
>
> The longer version: I do like modular design,
> and I don't mind having the possibility of several
> different methods, possibly including IPsec, to
> exist in addition to the mandatory to implement
> mechanism for Shim6.


i am perfectly ok with this modular approach and supporting different 
security moduls that can be added later

moreover, i also like Francis suggestion to _re-use_ IPSec for security 
_when_ the peers are already using IPSec for their communications and 
it happens that for this particular pair of communicating peers, the 
tools for providing authentications are in place for that particular 
pair of hosts (i.e. the hosts already have a pre shared key or they are 
using certificates issued with a common trust anchor point)

but the shim6 protocol needs to have a default security mechanism that 
applies for the general case and IPSec is not it

Regards, marcelo