[Hipsec-rg] 答复: Hierarchical HITs
shengjiang at huawei.com (Sheng Jiang) Fri, 16 January 2009 22:15 UTC
From: "shengjiang at huawei.com"
Date: Sat, 17 Jan 2009 06:15:42 +0800
Subject: [Hipsec-rg] 答复: Hierarchical HITs
In-Reply-To: <49717246.2060004@laposte.net>
References: <f832f99e32cca.32ccaf832f99e@huawei.com> <alpine.LFD.2.00.0901152346540.17180@stargazer.pc.infrahip.net> <1CC9CAD8FB744ADA82C9A6F4C2AC8B03@JiangXiong> <49715DE2.9010603@laposte.net> <D8E864423971478CBA743BECAE60EB4E@JiangXiong> <49717246.2060004@laposte.net>
Message-ID: <5727D3BB8C774649A5AC98E897EABB1C@JiangXiong>
> This is exactly the point; If a HHIT has the limitation that: > > - it is bound with one entity in the hierarchy compared to a plain HIT > (like a DNS name is) > > - is not human readable compared to a DNS name (like a HIT is) > > Then why should I use a HHIT as a host identifier? I'm getting all of > the disadvantages of HIT (not readable) or DNS name (bound to an entity > in the hierarchy) but none of their respective advantages, i.e., not > being bound to an entity, or being readble... I don't think bound to an entity in the hierarchy is a disadvantage at all. As I explained earlier, a self-issued identity means little. Will any country allow entrance of a man whose identity card is issued by himself only? Will BT give services access to a host/device that has its own arbitrary identity? With hierarchy, the identifier can actually have real meaning. If you are considering privacy issues, yes, we don't want the hierarchy information to be learned by receivers. Then our proposed HHIT architecture is also compatible with the flat-structured HIT architecture. By using the HHIT, we get a self-certified identity, itself and its belonging (hierarchy) can be easily verified by receivers. Cheers, Sheng
- [Hipsec-rg] Hierarchical HITs Xu Xiaohu
- [Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] Key Revocation Issue Henderson, Thomas R
- [Hipsec-rg] re: 答复: 答复: Key Revocation Issue Xu Xiaohu
- [Hipsec-rg] 答复: 答复: Key Revocation Issue Andrew McGregor
- [Hipsec-rg] 答复: 答复: Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] 答复: Key Revocation Issue Scott Brim
- [Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] Hierarchical HITs JiangSheng 66104
- [Hipsec-rg] Key Revocation Issue Oleg Ponomarev
- [Hipsec-rg] Hierarchical HITs Oleg Ponomarev
- [Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] Key Revocation Issue Miika Komu
- [Hipsec-rg] Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] 答复: Hierarchical HITs Zhang Dacheng
- [Hipsec-rg] 答复: Hierarchical HITs Teemu Koponen
- [Hipsec-rg] Hierarchical HITs JiangSheng 66104
- [Hipsec-rg] Hierarchical HITs Oleg Ponomarev
- [Hipsec-rg] 答复: Hierarchical HITs Zhang Dacheng
- [Hipsec-rg] Hierarchical HITs JiangSheng 66104
- [Hipsec-rg] Hierarchical HITs Julien Laganier
- [Hipsec-rg] Hierarchical HITs Julien Laganier
- [Hipsec-rg] 答复: Hierarchical HITs Julien Laganier
- [Hipsec-rg] Hierarchical HITs Oleg Ponomarev
- [Hipsec-rg] 答复: Hierarchical HITs Sheng Jiang
- [Hipsec-rg] 答复: 答复: Hierarchical HITs Sheng Jiang
- [Hipsec-rg] 答复: Hierarchical HITs Sheng Jiang
- [Hipsec-rg] Hierarchical HITs Oleg Ponomarev
- [Hipsec-rg] Hierarchical HITs (Was: reverse DNS l… JiangSheng 66104
- [Hipsec-rg] Key Revocation Issue Zhang Dacheng
- [Hipsec-rg] Key Revocation Issue Henderson, Thomas R