[Atoca] Requirement for Originator Authentication?

Hannes Tschofenig <hannes.tschofenig@gmx.net> Sat, 15 January 2011 19:28 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: earlywarning@core3.amsl.com
Delivered-To: earlywarning@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 3DCD23A6E26 for <earlywarning@core3.amsl.com>; Sat, 15 Jan 2011 11:28:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.609
X-Spam-Status: No, score=-102.609 tagged_above=-999 required=5 tests=[AWL=-0.010, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id NGcsJT7NKrCD for <earlywarning@core3.amsl.com>; Sat, 15 Jan 2011 11:28:06 -0800 (PST)
Received: from mailout-de.gmx.net (mailout-de.gmx.net []) by core3.amsl.com (Postfix) with SMTP id D1A263A6E23 for <earlywarning@ietf.org>; Sat, 15 Jan 2011 11:28:05 -0800 (PST)
Received: (qmail invoked by alias); 15 Jan 2011 19:30:34 -0000
Received: from a88-115-222-204.elisa-laajakaista.fi (EHLO []) [] by mail.gmx.net (mp060) with SMTP; 15 Jan 2011 20:30:34 +0100
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX19Vz6x8ARNV9y7TBRTm1y0cFbincP4NZOzVsUb94R ZQzoLzBbY66C+P
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Sat, 15 Jan 2011 21:30:33 +0200
Message-Id: <D15CC605-98D7-4959-9CA3-7B1ADED306D6@gmx.net>
To: earlywarning@ietf.org, Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Mime-Version: 1.0 (Apple Message framework v1082)
X-Mailer: Apple Mail (2.1082)
X-Y-GMX-Trusted: 0
Subject: [Atoca] Requirement for Originator Authentication?
X-BeenThere: earlywarning@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Discussion list for the IETF Authority-to-Citizen Alert \(atoca\) working group." <earlywarning.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/earlywarning>, <mailto:earlywarning-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/earlywarning>
List-Post: <mailto:earlywarning@ietf.org>
List-Help: <mailto:earlywarning-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/earlywarning>, <mailto:earlywarning-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jan 2011 19:28:07 -0000

Hi all, 

Igor raised an interesting question during the meeting in context of the security threats, namely: 

" Do we have the requirement to authenticate the originator? "

I couldn't provide him an answer during the meeting because I was not quite sure whether he was asking the question in the style of 

"Do we need end-to-end security or is a hop-by-hop security solution good enough?"

So, I am not quite sure how to interpret the question.