Re: [Mip6] draft-dupont-mip6-dhaadharmful-00.txt

Francis Dupont <Francis.Dupont@enst-bretagne.fr> Mon, 24 October 2005 16:10 UTC

From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
To: Alexandru Petrescu <alexandru.petrescu@motorola.com>
Subject: Re: [Mip6] draft-dupont-mip6-dhaadharmful-00.txt
In-reply-to: Your message of Mon, 24 Oct 2005 17:42:35 +0200. <435D00EB.1080707@motorola.com>
Date: Mon, 24 Oct 2005 18:10:02 +0200
Cc: mip6@ietf.org, Kilian Weniger <Kilian.Weniger@eu.panasonic.com>, James Kempf <Kempf@docomolabs-usa.com>

 In your previous mail you wrote:

   > => this is more an argument for HA-switch (another way to provide HA
   > assignment)...
   
   Thanks, where is HA-switch discussed, drafted?
   
=> draft-haley-mip6-ha-switch-00.txt and (more general)
draft-devarapalli-mip6-nemo-local-haha-00.txt

I believe one of these I-Ds was proposed for the MIPv6 agenda.

   > The issue with the anycast-like address is the responder must be
   > always the same box in order to use correctly IPsec.
   
   I don't buy into that.  It's like saying that because of IPsec two boxes
   aren't allowed to have the same IPv6 address.  It's also ignoring that the
   "unique IP address per box" concept no longer exists since "server farms
   and blades", "IP over VIA" and "modem connected to PDA" got widespread use.
   
=> multiple sources don't work well when two of the security services
are "source origin authentication" and "anti-replay". IPsec is just
not the right protocol here.

   > IMHO the best way to protect current DHAAD is per exchange and not
   > per communication but the real issue is the effort isn't worth it.
   
   exchange vs. communication?
   
=> exchange := request/reply, communication := stream of exchanges.
IPsec or SSL/TLS are stream/session oriented; an exchange-oriented
security protocol should use per-message signatures and similar ideas,
not a session key with an anti-replay mechanism.
The problem here is that the standard security protocol (IPsec) is not
convenient, and adding security from scratch is known to be hard,
so it is better to use something more suitable. DNSSEC is fine because
it has both (in an exchange-oriented style, BTW) transaction and data
protections...

Regards

Francis.Dupont@enst-bretagne.fr
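
The session-versus-exchange distinction discussed in this message, as an added illustration that is not part of the original mail or of any draft it cites. It models a per-SA sliding anti-replay window receiving from two boxes that answer for one address with independent counters, then a per-exchange check where freshness comes from the requester's nonce. Assumptions: the window logic is a simplified sequence-number window, and the HMAC-with-nonce scheme, the shared key and all names are hypothetical stand-ins, not DNSSEC or DHAAD itself.

```python
import hashlib
import hmac
import os

class ReplayWindow:
    """Receiver-side sliding anti-replay window for one SA (simplified model)."""
    def __init__(self, size=64):
        self.size, self.top, self.seen = size, 0, set()

    def accept(self, seq):
        if seq + self.size <= self.top or seq in self.seen:
            return False  # too old or already seen: dropped as a replay
        self.seen.add(seq)
        self.top = max(self.top, seq)
        self.seen = {s for s in self.seen if s + self.size > self.top}
        return True

def session_style(packets):
    """packets: (box, seq) pairs; boxes share one SA but count independently."""
    window = ReplayWindow()
    return [(box, seq, window.accept(seq)) for box, seq in packets]

KEY = b"constructed-shared-key"  # constructed sample key (assumption)

def sign_reply(key, nonce, payload):
    """Per-exchange protection: the MAC binds the reply to the request nonce."""
    return hmac.new(key, nonce + payload, hashlib.sha256).digest()

def verify_reply(key, nonce, payload, tag):
    return hmac.compare_digest(sign_reply(key, nonce, payload), tag)

def exchange_style(boxes):
    """One request/reply per box; no counter is shared between responders."""
    results = []
    for box in boxes:
        nonce = os.urandom(16)  # fresh per request
        payload = b"reply from " + box.encode()
        tag = sign_reply(KEY, nonce, payload)  # computed by whichever box answers
        results.append((box, verify_reply(KEY, nonce, payload, tag)))
    return results

def replayed_reply_rejected():
    """A reply captured in one exchange fails against the next exchange's nonce."""
    old_nonce, new_nonce = os.urandom(16), os.urandom(16)
    tag = sign_reply(KEY, old_nonce, b"reply")
    return not verify_reply(KEY, new_nonce, b"reply", tag)
```

With the window, legitimate packets from the second box are indistinguishable from replays; with the nonce-bound check, either box can answer and a captured reply is still rejected.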

   
