[Mipshop] Review of draft-arkko-mipshop-cga-cba-04
Lakshminath Dondeti <ldondeti@qualcomm.com> Tue, 08 August 2006 00:12 UTC
This is in response to the call on whether to adopt draft-arkko-mipshop-cga-cba-04 as a MIPSHOP WG item. Given that the charter already says "MIPv6 Return Routability via both Cryptographically Generated Addresses and Credit-based Authorization for advancement as Proposed Standard * Documents: draft-ietf-mipshop-cga-cba-XX.txt" I am not really sure whether there is anything to say about adopting the I-D as a working group item.

I think the draft needs a revision and some major surgery. Whether that happens before it becomes a WG item or after really doesn't matter to me.

So, I had a tough time trying to follow what's being proposed, but when I got to the security considerations section, things were clearer; that section seems to capture the problem space very clearly. I think the draft needs to be revised using that as the guideline.

Specifically, I find that the proposed solution is too dependent on the 3775's solution for RO. I think the consideration should be on the problem itself and a solution based on CGAs. Any problems that are native to IPv6 itself need not be addressed in this draft.

To that end, I am proposing that the draft be split into two parts and considered separately. Let me pose that as a question actually. Are flooding attacks (from the last paragraph of the sec considerations section) specific to MIP6 or IPv6? If there is nothing MIP6 specific there, that problem and the solution should be moved out of this draft.

To address redirection attacks, does a CN need to verify reachability of a HoA or whether the HoA is valid or not? Perhaps the latter is sufficient?

Next, if the goal in generating a symmetric key is to amortize the cost of a public-key operation, it should be specified as such. The concept of keygen is confusing in this draft and that seems to be due to the re-use of the terminology from 3775. I think it is best to avoid that confusion here.

I realize those are high-level comments, but feel free to start a discussion on any of those if anything is unclear.

regards,
Lakshminath