[Hipsec-rg] 答复: 答复: Key Revocation Issue

zhangdacheng at huawei.com (Zhang Dacheng) Fri, 23 January 2009 03:02 UTC

From: "zhangdacheng at huawei.com"
Date: Fri, 23 Jan 2009 11:02:50 +0800
Subject: [Hipsec-rg] 答复: 答复: Key Revocation Issue
In-Reply-To: <20090122132950.GA1342@cisco.com>
Message-ID: <003501c97d07$13d8fb00$480c6f0a@china.huawei.com>


I absolutely agree that FQDNs cannot directly be used for session
authentication etc.  But we need to clarify that the original objective of
designing HIP is separation of IDs and locators rather than security. I
agree security is an important functionality provided by HIP. But I am not
convinced that HITs cannot be taken placed by FQDNs just because HIT can be
used for security purposes. If so, why cannot we just associate with each
FQDN with a PKI certificate? There has been lots of work on session
authentication using certificates. This solution seems much easier to be
achieved than modifying the protocol stack. 

In addition, do you have any idea about whether it is reasonable to assume
that each HIP host is associated with a FQDN?

Best wishes,

Dacheng Zhang

> Excerpts from Zhang Dacheng on Thu, Jan 22, 2009 10:43:02AM +0800:
> > I agree that it is an intuitive solution to solve the key 
> revocation 
> > issue with DNS. However, my concern is whether it is 
> reasonable for us 
> > to assume that every host has a FQDN. If yes, the 
> importance of HIP is 
> > largely weakened. We can use FQDN rather than HI to achieve the 
> > separation of ID from Locator.
> As far as I can see this isn't true.  Different "identification"
> functions have different needs.  You can use a FQDN as an 
> identifier for initial discovery of a location, but you 
> cannot use it for session authentication or control.  To 
> start with you would be subject to man-in-the-middle attacks.
> Scott
> _______________________________________________
> Hipsec-rg mailing list
> Hipsec-rg at listserv.cybertrust.com
> https://listserv.cybertrust.com/mailman/listinfo/hipsec-rg