Re: [Hipsec] some comments for mm-03: Section 6

Pekka Nikander <pekka.nikander@nomadiclab.com> Mon, 10 April 2006 04:35 UTC

In-Reply-To: <Pine.GSO.4.58.0604050339420.965@kekkonen.cs.hut.fi>
References: <Pine.GSO.4.58.0604031849370.25408@kekkonen.cs.hut.fi> <Pine.GSO.4.58.0604032327210.20948@kekkonen.cs.hut.fi> <Pine.GSO.4.58.0604040030510.20948@kekkonen.cs.hut.fi> <Pine.GSO.4.58.0604050339420.965@kekkonen.cs.hut.fi>
From: Pekka Nikander <pekka.nikander@nomadiclab.com>
Subject: Re: [Hipsec] some comments for mm-03: Section 6
Date: Mon, 10 Apr 2006 07:33:56 +0300
To: Miika Komu <miika@iki.fi>
Cc: hipsec@lists.ietf.org

>> If an attacker somehow uses a bug in the implementation or weakness in
>> some protocol to redirect a HIP connection, the original owner can
>> always reclaim their connection (they can always prove ownership of the
>> private key associated with their public HI).
>
> How is this possible if the private key is compromised?

If the private key is compromised, there is nothing you can do.  The
only thing you can do is to revoke the public key; something we (so
far) have deliberately left out of scope.

>> MitM attacks are always possible if the attacker is present during the
>> initial HIP base exchange and if the hosts do not authenticate each
>> other's identities, but once the base exchange has taken place even a
>> MitM cannot steal an opportunistic HIP connection because it is very
>> difficult for an attacker to create an UPDATE packet (or any HIP packet)
>> that will be accepted as a legitimate update.
>
> This does not make sense because it is too obvious? After opportunistic
> connection (leap of faith) the connection is no longer opportunistic.
> Maybe this text can be just removed.

It may be obvious to you and me, but not to everyone.

--Pekka
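The property discussed above (a third party who only watched the base exchange cannot produce an acceptable UPDATE, while a compromised private HI defeats the check entirely), as an added Go sketch that is not from this thread or from any HIP implementation. The Ed25519 HI, the truncated-SHA-256 HIT, and the Association/Update types are all assumptions made for the illustration, not the RFC's constructions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
)

// Simplified model of a HIP association (assumptions, not RFC text: Ed25519
// stands in for the HI algorithm; the HIT is a truncated SHA-256 of the public
// HI). Peer HIT and HI are fixed at base exchange; later UPDATEs must be signed by that HI.
type Association struct {
	PeerHIT []byte
	PeerHI  ed25519.PublicKey
	Seq     uint32 // highest UPDATE sequence number accepted so far
}

type Update struct {
	HIT, Body, Sig []byte
	Seq            uint32
}

func HIT(pub ed25519.PublicKey) []byte {
	h := sha256.Sum256(pub)
	return h[:16]
}

func signedBytes(u Update) []byte {
	seq := make([]byte, 4)
	binary.BigEndian.PutUint32(seq, u.Seq)
	return bytes.Join([][]byte{u.HIT, seq, u.Body}, nil)
}

// MakeUpdate builds an UPDATE signed with the sender's private HI.
func MakeUpdate(priv ed25519.PrivateKey, seq uint32, body []byte) Update {
	u := Update{HIT: HIT(priv.Public().(ed25519.PublicKey)), Seq: seq, Body: body}
	u.Sig = ed25519.Sign(priv, signedBytes(u))
	return u
}

// AcceptUpdate takes only a fresh UPDATE whose signature verifies under the
// HI bound at base exchange; a replayed or forged packet is dropped.
func (a *Association) AcceptUpdate(u Update) bool {
	if !bytes.Equal(u.HIT, a.PeerHIT) || u.Seq <= a.Seq ||
		!ed25519.Verify(a.PeerHI, signedBytes(u), u.Sig) {
		return false
	}
	a.Seq = u.Seq
	return true
}
```

Revocation of a compromised HI, which the reply leaves out of scope, is exactly what this model has no answer for: whoever holds the private key produces valid UPDATEs.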

