[Hipsec-rg] 答复: Hierarchical HITs

[shengjiang at huawei.com (Sheng Jiang)]

> >>>> I.e. when I change my network provider I will have to change the "HIP
> >>>> management domain" part in HIT?
> 
> Sheng, thank you for such a long explanation, but I meant the following
> example.
> 
> A customer does not want to pay anymore to Provider_A, whose management
> tag she has in her HHIT, but Provider_A does the mapping/etc service for
> her HHIT. So the customer will have to change her identifier (HHIT) in
> this case, right?
> 
> I just do not see the reasons to have a new hierarchical space of
> identifiers. We already have the Internet address space, domain names, SSL
> certificates and so on. Of course, I might be wrong.

Yes, we have so many hierarchical identifiers already. They are hierarchical
for reasons: aggregative, even more important for management purpose. This
is particularly important for host identity. Will any country allow entrance
of a man whose identity card is issued by himself only? Will BT give
services access to a host/device that has its own arbitrary identity? The
purpose of an identity is to identify itself, the most important, its
belonging. Our proposal embeds this belonging information into HIT, make the
HIT meaningful. The receiver or network management plane can easily validate
it.

Regards,

Sheng