[Hipsec-rg] 答复: 答复: Hierarchical HITs

shengjiang at huawei.com (Sheng Jiang) Fri, 16 January 2009 21:20 UTC

From: "shengjiang at huawei.com"
Date: Sat, 17 Jan 2009 05:20:08 +0800
Subject: [Hipsec-rg] 答复: 答复: Hierarchical HITs
In-Reply-To: <49715DE2.9010603@laposte.net>
References: <f832f99e32cca.32ccaf832f99e@huawei.com> <alpine.LFD.2.00.0901152346540.17180@stargazer.pc.infrahip.net> <1CC9CAD8FB744ADA82C9A6F4C2AC8B03@JiangXiong> <49715DE2.9010603@laposte.net>
Message-ID: <D8E864423971478CBA743BECAE60EB4E@JiangXiong>

> Sheng Jiang wrote:
> >>>>>> I.e. when I change my network provider I will have to change the
"HIP
> >>>>>> management domain" part in HIT?
> >> Sheng, thank you for such a long explanation, but I meant the following
> >> example.
> >>
> >> A customer does not want to pay anymore to Provider_A, whose management
> >> tag she has in her HHIT, but Provider_A does the mapping/etc service
for
> >> her HHIT. So the customer will have to change her identifier (HHIT) in
> >> this case, right?
> >>
> >> I just do not see the reasons to have a new hierarchical space of
> >> identifiers. We already have the Internet address space, domain names,
SSL
> >> certificates and so on. Of course, I might be wrong.
> >
> > Yes, we have so many hierarchical identifiers already. They are
hierarchical
> > for reasons: aggregative, even more important for management purpose.
This
> > is particularly important for host identity. Will any country allow
entrance
> > of a man whose identity card is issued by himself only? Will BT give
> > services access to a host/device that has its own arbitrary identity?
The
> > purpose of an identity is to identify itself, the most important, its
> > belonging. Our proposal embeds this belonging information into HIT, make
the
> > HIT meaningful. The receiver or network management plane can easily
validate
> > it.
> 
> Hello Sheng,
> 
> If my identifier is bound with one entity in the hierarchy, then I'm
> wondering what would be the advantage of using HHIT over traditional DNS
> names?

Good question, Julien. However, why do we have to using HHIT over DNS? For
my understanding, because flat-structure HIT is lack of hierarchy, the best
way to use it is with hierarchical domain name system. It is different for
HHIT case. The Hierarchical HIT can be used alone. With its HIP management
tag, a HHIT can have most of meaning of a domain name only except that it is
non-human-readable. It can be mapped to locator directly.

Regards,

Sheng

[Hipsec-rg] Hierarchical HITs Xu Xiaohu
[Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
[Hipsec-rg] Key Revocation Issue Henderson, Thomas R
[Hipsec-rg] re: 答复: 答复: Key Revocation Issue Xu Xiaohu
[Hipsec-rg] 答复: 答复: Key Revocation Issue Andrew McGregor
[Hipsec-rg] 答复: 答复: Key Revocation Issue Zhang Dacheng
[Hipsec-rg] 答复: Key Revocation Issue Scott Brim
[Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
[Hipsec-rg] Hierarchical HITs JiangSheng 66104
[Hipsec-rg] Key Revocation Issue Oleg Ponomarev
[Hipsec-rg] Hierarchical HITs Oleg Ponomarev
[Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
[Hipsec-rg] 答复: Key Revocation Issue Zhang Dacheng
[Hipsec-rg] Key Revocation Issue Miika Komu
[Hipsec-rg] Key Revocation Issue Zhang Dacheng
[Hipsec-rg] 答复: Hierarchical HITs Zhang Dacheng
[Hipsec-rg] 答复: Hierarchical HITs Teemu Koponen
[Hipsec-rg] Hierarchical HITs JiangSheng 66104
[Hipsec-rg] Hierarchical HITs Oleg Ponomarev
[Hipsec-rg] 答复: Hierarchical HITs Zhang Dacheng
[Hipsec-rg] Hierarchical HITs JiangSheng 66104
[Hipsec-rg] Hierarchical HITs Julien Laganier
[Hipsec-rg] Hierarchical HITs Julien Laganier
[Hipsec-rg] 答复: Hierarchical HITs Julien Laganier
[Hipsec-rg] Hierarchical HITs Oleg Ponomarev
[Hipsec-rg] 答复: Hierarchical HITs Sheng Jiang
[Hipsec-rg] 答复: 答复: Hierarchical HITs Sheng Jiang
[Hipsec-rg] 答复: Hierarchical HITs Sheng Jiang
[Hipsec-rg] Hierarchical HITs Oleg Ponomarev
[Hipsec-rg] Hierarchical HITs (Was: reverse DNS l… JiangSheng 66104
[Hipsec-rg] Key Revocation Issue Zhang Dacheng
[Hipsec-rg] Key Revocation Issue Henderson, Thomas R