[Hipsec] Feedback for 4423bis
Sasu Tarkoma <sasu.tarkoma@helsinki.fi> Wed, 10 October 2012 19:05 UTC
To: hipsec@ietf.org
Hi all,

I read the latest HIP architecture draft (4423bis-05) and it looks very good. Below you will find some observations that I made when reading the draft.

Best regards,
- Sasu

------

- Architecture and implementation details are partly intertwined here. Perhaps the generic model can be summarised first and then the implementation specific details. Theory of HI is mentioned in the beginning, but I think it is not clear for all readers what is meant by this.

- It is stated that the model is general and it does not require public key crypto; however, this is not really elaborated. Also it is stated that the model can be applied at any layer, but this is not explained. The description assumes that Host Identity decouples internetworking and transport layers.

- The draft does not discuss architecture and protocol deployment issues. This is one practical requirement given the momentum of the current solutions.

- The description of the HIP protocol is quite light in this draft. The introductory part to section 5 could briefly state the key components of HIP including BEX, mobility/multihoming support, and rendezvous that are covered by the following subsections.

- In section 5, it is stated that: "Similarly, if it is possible to distribute the processing of a single Host Identity over several physical computers, HIP provides for cluster based services without any changes at the client end-point." I think the base specification and implementation do not directly support this, but additional management extensions are needed.

- Computational puzzle does not appear to be mentioned.

- Extensions (new hash functions) are not elaborated. This is related to a general requirement that a protocol should be evolvable.

- p. 17 section 10 needs a reference

- p. 21 the downgrade attack should be elaborated.

- Typo: p. 5 Identfier