Re: [CGA-EXT] Re: [Int-area] CGA & SeND extensions discussion

"James Kempf" <kempf@docomolabs-usa.com> Tue, 21 November 2006 21:56 UTC

To: Jean-Michel Combes <jeanmichel.combes@gmail.com>, marcelo bagnulo braun <marcelo@it.uc3m.es>
Cc: SEND WG <ietf-send@standards.ericsson.net>, cga-ext@ietf.org, INT Area <int-area@ietf.org>

>> - Proxy SeND. The idea here is to define SeND and CGA extensions so
>> that SeND can be used with Proxy ND. Reference:
>> draft-kempf-mobopts-ringsig-ndproxy-01.txt
>> - Define extensions to Multi-Key CGAs: The idea here is to allow the
>> possibility of including multiple public keys in a single CGA
>> Parameter Data Structure, so that multiple parties can claim address
>> ownership. Reference: J. Kempf, J. Wood, Z. Ramzan, C. Gentry, "IP
>> Address Authorization for Secure Address Proxying using Multi-key CGAs
>> and Ring Signatures", IWSEC'06.
>
> IMO, these 2 previous items are in fact in the same topic (i.e. the
> second one as solution for the first one), aren't they?
>

Actually, there are other uses for multikey CGAs besides proxying. For 
example, it makes it possible to configure all access routers in an area 
with the same link local address, and still be able to have them use SEND, 
without requiring them to share a private key. Also, it can be used for 
route optimization in NEMO (paper available on request, somewhat speculative 
however).

And there are other solutions for proxy SEND. For example, having the node 
simply trust the proxy based on the proxy's certificate, or having the node 
supply the proxy with an attribute certificate allowing the proxy to claim 
and defend the address.

            jak 

