Re: [dna] next steps on draft-ietf-dna-simple

Bernard Aboba <bernard_aboba@hotmail.com> Thu, 10 December 2009 16:58 UTC

From: Bernard Aboba <bernard_aboba@hotmail.com>
To: Jari Arkko <jari.arkko@piuha.net>
Date: Thu, 10 Dec 2009 08:57:48 -0800
In-Reply-To: <4B21272D.7060605@piuha.net>
References: <4B0655CB.2040309@piuha.net> <4B203D25.5090409@ericsson.com> <BLU137-DS1F32A2E3E81C6B537AB94938D0@phx.gbl>, <4B21272D.7060605@piuha.net>
Cc: Lars, Dna <dna@eng.monash.edu.au>, dna@ietf.org, draft-ietf-dna-simple@tools.ietf.org, "iesg@ietf.org" <iesg@ietf.org>, Eggert <lars.eggert@nokia.com>
Subject: Re: [dna] next steps on draft-ietf-dna-simple

This is fine.

> Ok. How about this:
> 
> "Unless SEND or another form of secure address configuration is used, the 
> DNA procedure does not in itself provide positive, secure authentication 
> of the router(s) on the network, or authentication of the network 
> itself, as would be provided, e.g., by mutual authentication at the link 
> layer. Therefore, when such assurance is not available, the host MUST NOT 
> make any security-sensitive decisions based on the DNA procedure alone. 
> In particular, it MUST NOT decide it has rejoined a network known to be 
> physically secure and proceed to abandon cryptographic protection."
> 
> Jari
>