IETF Logo Mail Archive

Re: CGA-based HoA generation for MIP6 (was RE: [Mipshop] Review of draft-arkko-mipshop-cga-cba-04)

Vijay Devarapalli <vijay.devarapalli@azairenet.com> Tue, 15 August 2006 23:26 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GD8Id-0004hT-6M; Tue, 15 Aug 2006 19:26:19 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GD8Ib-0004gt-8L for mipshop@ietf.org; Tue, 15 Aug 2006 19:26:17 -0400
Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GD3Y9-0004zE-5Z for mipshop@ietf.org; Tue, 15 Aug 2006 14:22:01 -0400
Received: from mail1.azairenet.com ([66.92.223.4] helo=bart.corp.azairenet.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1GD3MA-0005TJ-8b for mipshop@ietf.org; Tue, 15 Aug 2006 14:09:40 -0400
Received: from [10.1.201.3] ([10.1.201.3]) by bart.corp.azairenet.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 15 Aug 2006 11:09:32 -0700
Message-ID: <44E20DDC.4090707@azairenet.com>
Date: Tue, 15 Aug 2006 11:09:32 -0700
From: Vijay Devarapalli <vijay.devarapalli@azairenet.com>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: "Narayanan, Vidya" <vidyan@qualcomm.com>
Subject: Re: CGA-based HoA generation for MIP6 (was RE: [Mipshop] Review of draft-arkko-mipshop-cga-cba-04)
References: <C24CB51D5AA800449982D9BCB903251311A6D3@NAEX13.na.qualcomm.com>
In-Reply-To: <C24CB51D5AA800449982D9BCB903251311A6D3@NAEX13.na.qualcomm.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 15 Aug 2006 18:09:32.0776 (UTC) FILETIME=[F57ABE80:01C6C095]
X-Spam-Score: -2.2 (--)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
Cc: Christian Vogt <chvogt@tm.uka.de>, mipshop@ietf.org, Jari Arkko <jari.arkko@piuha.net>
X-BeenThere: mipshop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: mipshop.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mipshop>, <mailto:mipshop-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mipshop@ietf.org>
List-Help: <mailto:mipshop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mipshop>, <mailto:mipshop-request@ietf.org?subject=subscribe>
Errors-To: mipshop-bounces@ietf.org

Narayanan, Vidya wrote:

> I don't know that this is true. As we know, what we get from IPsec and
> CGAs are quite orthogonal benefits. In the case where the HA assigns the
> HoA via IKEv2, HoA authorization at the HA is not needed, since the HA
> knows that the IPsec SA is tied to the owner of the corresponding HoA.
> Now, systems that allow stateless autoconfiguration of HoAs may or may
> not want to ensure that those IP addresses are authorized and verified.

lets take HoA auto-configuration.

when the MN proposes a home address, the HA checks if
the address has been claimed by/allocated to some
other mobile node. if nobody else is using that home
address, the MN is free to use the address.

if somebody else does want to use the same home
address later on, the HA will reject the request and
allocate a new home address for the MN.

> If a system employs CGAs in the network, it is actually an indication
> that the system deployment cares about IP address ownership
> verification. In this case, it actually seems to me that the HA being
> able to verify the CGA would be very valuable and needed. 

sure. but in this case, CGA-based home addresses do
not add much.

Vijay

_______________________________________________
Mipshop mailing list
Mipshop@ietf.org
https://www1.ietf.org/mailman/listinfo/mipshop

v2.23.0 | Report a Bug | By Email