[Hipsec-rg] discussion of draft-lee-hip-object-01
thomas.r.henderson at boeing.com (Henderson, Thomas R) Fri, 12 December 2008 16:36 UTC
From: "thomas.r.henderson at boeing.com"
Date: Fri, 12 Dec 2008 08:36:19 -0800
Subject: [Hipsec-rg] discussion of draft-lee-hip-object-01
In-Reply-To: <004101c95b80$aa95b810$ffc12830$@ac.kr>
References: <77F357662F8BFA4CA7074B0410171B6D07B0BB86@XCH-NW-5V1.nw.nos.boeing.com> <493D5698.9090307@hiit.fi> <002701c959d0$ba69df20$2f3d9d60$@gov> <77F357662F8BFA4CA7074B0410171B6D07B0BBB0@XCH-NW-5V1.nw.nos.boeing.com> <4940D304.8030706@hiit.fi> <004101c95b80$aa95b810$ffc12830$@ac.kr>
Message-ID: <77F357662F8BFA4CA7074B0410171B6D07B0BBB9@XCH-NW-5V1.nw.nos.boeing.com>
> -----Original Message-----
> From: Gyu Myoung Lee [mailto:gmlee at icu.ac.kr]
> Sent: Thursday, December 11, 2008 3:07 AM
> To: miika.komu at hiit.fi; Henderson, Thomas R
> Cc: skjo at etri.re.kr; jkchoi at icu.ac.kr; gmlee at icu.ac.kr; hipsec-rg at listserv.cybertrust.com
> Subject: RE: [Hipsec-rg] discussion of draft-lee-hip-object-01
>
> Dear All
>
> Originally I proposed the extension of "endpoint" to all of objects so that each object would be a host. So, I suggested new object identity for replacing host identity.
>
> However, I am not in favor with specific solutions. The most important thing is to accomplish the same goals for object-to-object communications.
>
> If our proposal has some problems in particular security aspects and we want to keep the existing Host_ID, as Tom suggested, to specify a new Domain Identifier format for the Object ID can be one of good solutions for the same objective. In this case, we can also get mapping information for each object.

OK, then, a next question I have is how you would envision a specific use case to be handled. You had mentioned previously an RFID tag as an example object. Typically, these are read by an RFID reader, which I presume would be the endpoint of communications.

- who (which software processes) is communicating with whom? A software process on an RFID reader talking with a centralized controller or inventory manager, for instance?
- does the RFID reader have a host identity that maps to many object identities, or is it one-to-one?
- how is the binding between object identity and host identity secured, if at all?
- what would be the syntax of representing the Object ID (RFID) in the HIP protocol data structures?
- are you concerned about the use case of HIP running over a network that is not IP-based? If so, what is HIP establishing if not IPsec security associations?

I think that if you could sketch out with some detail how you envision one of these specific use cases for your proposal, it would help me and others to better understand what you would like to see specified.

Tom