Re: [Hipsec] ORCHID IANA allocation
"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Fri, 26 February 2010 17:30 UTC
Return-Path: <thomas.r.henderson@boeing.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A507228C13D for <hipsec@core3.amsl.com>; Fri, 26 Feb 2010 09:30:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.527
X-Spam-Level:
X-Spam-Status: No, score=-6.527 tagged_above=-999 required=5 tests=[AWL=0.072, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JexyFJorSKo1 for <hipsec@core3.amsl.com>; Fri, 26 Feb 2010 09:30:12 -0800 (PST)
Received: from stl-smtpout-01.boeing.com (stl-smtpout-01.boeing.com [130.76.96.56]) by core3.amsl.com (Postfix) with ESMTP id 3B5033A86DC for <hipsec@ietf.org>; Fri, 26 Feb 2010 09:30:12 -0800 (PST)
Received: from blv-av-01.boeing.com (blv-av-01.boeing.com [130.247.48.231]) by stl-smtpout-01.ns.cs.boeing.com (8.14.4/8.14.4/8.14.4/SMTPOUT) with ESMTP id o1QHWEZ4004250 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Fri, 26 Feb 2010 11:32:15 -0600 (CST)
Received: from blv-av-01.boeing.com (localhost [127.0.0.1]) by blv-av-01.boeing.com (8.14.4/8.14.4/DOWNSTREAM_RELAY) with ESMTP id o1QHWEOj000548; Fri, 26 Feb 2010 09:32:14 -0800 (PST)
Received: from XCH-NWHT-04.nw.nos.boeing.com (xch-nwht-04.nw.nos.boeing.com [130.247.64.250]) by blv-av-01.boeing.com (8.14.4/8.14.4/UPSTREAM_RELAY) with ESMTP id o1QHWDgK000532 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK); Fri, 26 Feb 2010 09:32:14 -0800 (PST)
Received: from XCH-NW-10V.nw.nos.boeing.com ([130.247.25.83]) by XCH-NWHT-04.nw.nos.boeing.com ([130.247.64.250]) with mapi; Fri, 26 Feb 2010 09:32:13 -0800
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: 'Tobias Heer' <heer@cs.rwth-aachen.de>
Date: Fri, 26 Feb 2010 09:32:12 -0800
Thread-Topic: [Hipsec] ORCHID IANA allocation
Thread-Index: Acq25lNkrpnVEAs0QxWqvICSj1vFOgAIvaOQ
Message-ID: <7CC566635CFE364D87DC5803D4712A6C4C1F48A81F@XCH-NW-10V.nw.nos.boeing.com>
References: <00E85481-5745-4093-B165-887058ED719B@cs.rwth-aachen.de><"7CC566 6 35CFE364D87DC5803D4712A6C4C1F48A6D9"@XCH-NW-10V.nw.nos.boeing.com><"BF345F6 30 74F8040B58C00A186FCA57F1C692DBE6B"@NALASEXMB04.na.qualcomm.com><"461A6C4B-0 8E 3-4D77-8292-BD4CCC7A375B"@cs.rwth-aachen.de><4B8546B5.3010708@hiit.fi><BF34 5F63074F8040B58C00A186FCA57F1C6A8C3ADE@NALASEXMB04.na.qualcomm.com><7CC5666 35CFE364D87DC5803D4712A6C4C1F48A7E8@XCH-NW-10V.nw.nos.boeing.com> <28B85428-CC28-4DB4-83AC-505CE6B4E955@cs.rwth-aachen.de>
In-Reply-To: <28B85428-CC28-4DB4-83AC-505CE6B4E955@cs.rwth-aachen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "hipsec@ietf.org" <hipsec@ietf.org>
Subject: Re: [Hipsec] ORCHID IANA allocation
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Feb 2010 17:30:13 -0000
> -----Original Message----- > From: Tobias Heer [mailto:heer@cs.rwth-aachen.de] > Sent: Friday, February 26, 2010 5:19 AM > To: Henderson, Thomas R > Cc: 'Laganier, Julien'; miika.komu@hiit.fi; hipsec@ietf.org > Subject: Re: [Hipsec] ORCHID IANA allocation > <snip> > > I don't think that is a big concern. The ORCHID is designed > in a way that the context ID is not visible from the ORCHID. > Hence, all protocols that use ORCHIDS need checks whether a > given ORCHID actually matches the current protocol context. > As far as I can tell, this is done by simple trial and error: > hash the public key and the context ID and see if it matches. > Now, with the 4 additional bits, for a new (4+96 bit) ORCHID, > the protocols that use the old ORCHID format check for the > context ID again and the test would fail. In that case, the > protocol would figure that it is an ORCHID of another > protocol - no harm done... and no need to "share" the four > bits. Am I missing something here? I think you are right. > Do you want to discuss the answers to your questions on the > list or are these meant as todo for the authors of the > respective documents. I think we should discuss them on the list. For questions 1 and 2, I do not care so much about the answer, other than we just document what future plans are envisioned. Question 3 is more interesting and we are already discussing with the RELOAD draft. - Tom > > I can adjust the text in RFC5201-bis to match the new HIT > format and the resulting changes in the BEX. Part of it was > already done together with Bob anyway. I will post the result > on the list. > > > 1.) > > - future allocations of new ORCHID prefixes? Are there any > conditions that would lead to asking for additional ORCHID > prefixes, or do we expect only one such prefix? > 2.) > > - what happens if the four bits runs out (do we deprecate > old values such as in RFC4982?) > 3.) > > - some discussion of the relationship between HITs, LSIs, > ORCHIDs, and other quantities. > > ** future extension of HIT size (256 bits has been raised > in the past)-- is this possible or are we closing the door on > such a future extension?. More generally, does HIP allow for > HITs that are not ORCHIDs? (e.g. the old type-2 HITs, or > more recent proposals for hierarchical HITs) Do we use the > bits in the HIP control field to identify HIT type? > > ** possible use of RFC 3972 or 4982 CGAs as HITs (Marcelo > and Jari have floated this idea in the past) > > ** LSI prefix for IPv4 (recall we discussed a /16 in the > 127/8 space-- do we also want to resolve this issue while we > are resolving ORCHIDs?) > > ** are LSIs possible for IPv6? When would they be used > instead of ORCHIDs? > > > > Tobias > > > > Tom > > _______________________________________________ > > Hipsec mailing list > > Hipsec@ietf.org > > https://www.ietf.org/mailman/listinfo/hipsec > > > > > -- > > Dipl.-Inform. Tobias Heer, Ph.D. Student > Distributed Systems Group > RWTH Aachen University, Germany > tel: +49 241 80 207 76 > web: http://ds.cs.rwth-aachen.de/members/heer > > > > > > > >
- [Hipsec] 28 + 4 + 96 bit HIT crypto agility Tobias Heer
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Henderson, Thomas R
- [Hipsec] ORCHID IANA allocation (was: 28 + 4 + 96… Laganier, Julien
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Robert Moskowitz
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Henderson, Thomas R
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Miika Komu
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Andrey Lukyanenko
- [Hipsec] Fwd: 28 + 4 + 96 bit HIT crypto agility Tobias Heer
- Re: [Hipsec] 28 + 4 + 96 bit HIT crypto agility Tobias Heer
- [Hipsec] ORCHID RFC 4843 (was: 28 + 4 + 96 bit HI… Tobias Heer
- Re: [Hipsec] ORCHID IANA allocation (was: 28 + 4 … Tobias Heer
- Re: [Hipsec] ORCHID IANA allocation Miika Komu
- Re: [Hipsec] ORCHID IANA allocation Laganier, Julien
- Re: [Hipsec] ORCHID IANA allocation Henderson, Thomas R
- Re: [Hipsec] ORCHID IANA allocation Ahrenholz, Jeffrey M
- Re: [Hipsec] ORCHID IANA allocation Tobias Heer
- Re: [Hipsec] ORCHID IANA allocation Laganier, Julien
- Re: [Hipsec] ORCHID IANA allocation Tobias Heer
- Re: [Hipsec] ORCHID IANA allocation Henderson, Thomas R