[Hipsec-rg] Hierarchical HITs

julien.laganier.ietf at googlemail.com (Julien Laganier) Sat, 17 January 2009 06:42 UTC

From: "julien.laganier.ietf at googlemail.com"
Date: Fri, 16 Jan 2009 23:42:21 -0700
Subject: [Hipsec-rg] Hierarchical HITs
In-Reply-To: <5727D3BB8C774649A5AC98E897EABB1C@JiangXiong>
References: <f832f99e32cca.32ccaf832f99e@huawei.com> <alpine.LFD.2.00.0901152346540.17180@stargazer.pc.infrahip.net> <1CC9CAD8FB744ADA82C9A6F4C2AC8B03@JiangXiong> <49715DE2.9010603@laposte.net> <D8E864423971478CBA743BECAE60EB4E@JiangXiong> <49717246.2060004@laposte.net> <5727D3BB8C774649A5AC98E897EABB1C@JiangXiong>
Message-ID: <49717DCD.7050903@googlemail.com>


Sheng Jiang wrote:
>> This is exactly the point; If a HHIT has the limitation that:
>> - it is bound with one entity in the hierarchy compared to a plain HIT
>> (like a DNS name is)
>> - is not human readable compared to a DNS name (like a HIT is)
>> Then why should I use a HHIT as a host identifier? I'm getting all of
>> the disadvantages of HIT (not readable) or DNS name (bound to an entity
>> in the hierarchy) but none of their respective advantages, i.e., not
>> being bound to an entity, or being readble...
> I don't think bound to an entity in the hierarchy is a disadvantage at all.

You haven't replied to my previous question which was "My question was,
If my identifier is bound with one entity in the hierarchy, what would
be the advantage of using HHIT as host identifiers, compared to using
DNS names as host identifiers? "

Now if this is not a disadvantage, and if it's actually the
functionality that you're searching for, why can't you simply use domain
names as host identifiers. They have the advantage of being human
readable, and I do not see any domain name drawback to HHIT...