Re: [P2PSIP] Re: HIP pros and cons
"Bruce Lowekamp" <lowekamp@sipeerior.com> Thu, 13 December 2007 16:14 UTC
Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J2qi0-0003sb-33; Thu, 13 Dec 2007 11:14:48 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J2qhy-0003sJ-Ia for p2psip@ietf.org; Thu, 13 Dec 2007 11:14:46 -0500
Received: from nz-out-0506.google.com ([64.233.162.235]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1J2qhy-00082g-7w for p2psip@ietf.org; Thu, 13 Dec 2007 11:14:46 -0500
Received: by nz-out-0506.google.com with SMTP id n1so400350nzf.4 for <p2psip@ietf.org>; Thu, 13 Dec 2007 08:14:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=fPwvlpWprqRMvvYDfLbAcY0ieYSp8/y3mvMdYekl8jc=; b=MWXobIHmXH17D/zTpNOzM+V6SGZ4RiGHO5SaiaDaaZrN10x9wQ9WDu6ZQ8yBjGbdK0t1L4AIm/MNFPXhtSECiSWh3KTShCad9zC6EfCn3pq9oEYbSDfSleZotL8Z9Q5KwYbS0rOWyP7tzKm6UWYvhIN80fZp1yZPLaLhy5EZ9xE=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=h6cbsAvFn6QYS1Pou1F3re5EPrZoFDpfpQyCyOLnXK6U4hq8jV7JjkoMxLrnguBvE5bOE4rVjQxF8YeD6igTJWNgDK4qmBd/sWnMjbzbN3H8IwFBoYArjCf1P2bTYB44aOnIumlhJMg1gX+pdP3HetRmLyDvZMlhGsUvvq+1xqQ=
Received: by 10.142.101.17 with SMTP id y17mr903423wfb.54.1197562483467; Thu, 13 Dec 2007 08:14:43 -0800 (PST)
Received: by 10.142.132.18 with HTTP; Thu, 13 Dec 2007 08:14:43 -0800 (PST)
Message-ID: <20d2bdfb0712130814l70efa822l1f30d0b3db049eb4@mail.gmail.com>
Date: Thu, 13 Dec 2007 11:14:43 -0500
From: Bruce Lowekamp <lowekamp@sipeerior.com>
To: Miika Komu <miika@iki.fi>
Subject: Re: [P2PSIP] Re: HIP pros and cons
In-Reply-To: <Pine.SOL.4.64.0712130903370.6449@kekkonen.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <E1J0dHW-0005ik-OT@megatron.ietf.org> <Pine.SOL.4.64.0712080222070.16938@kekkonen.cs.hut.fi> <20d2bdfb0712100856q74c042d2y665964605fb37c71@mail.gmail.com> <Pine.SOL.4.64.0712121240120.24969@kekkonen.cs.hut.fi> <20071212160813.3863033C6D@delta.rtfm.com> <Pine.SOL.4.64.0712130903370.6449@kekkonen.cs.hut.fi>
X-Google-Sender-Auth: fbdbfc78e07e47e9
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Cc: p2psip@ietf.org
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Errors-To: p2psip-bounces@ietf.org
On Dec 13, 2007 2:29 AM, Miika Komu <miika@iki.fi> wrote: > On Wed, 12 Dec 2007, Eric Rescorla wrote: > > > > Yes, you need to throttle queries somewhat at the enrollment server. > > But this is a much easier problem than throttling key generations > > which don't require a server query. > > I have two questions regarding to this: > * Is it possible to have a distributed enrollment server (i.e. the DHT) or > is this an open research problem? For the purposes of the p2psip wg, it was ruled out of scope as an open research problem. > * Why can't we just use a centralized enrollment server to distribute > mandatory certificates for Host Identities? The enrollment server could > still throttle based on the IP address of the client, which I assume you > we suggesting? As long as the enrollment server is able to restrict someone from picking arbitrary IDs and either throttles requests or restricts requests in some other way, that probably meets the security requirement. Not very secure if it's just based on the IP address of the client, though, as it's easy to get a lot of those. > I find it a little bit controversial that the P2P-SIP is supposed to > distributed (DHT) and non-distributed (enrollment servers) at the same > time. Who owns the centralized enrollment server and how do you prevent > it to become a single point of failure for P2P-SIP? > Depends on the deployment scenario. For a partial list, take a look at http://tools.ietf.org/wg/p2psip/draft-bryan-p2psip-app-scenarios-00.txt Bruce _______________________________________________ P2PSIP mailing list P2PSIP@ietf.org https://www1.ietf.org/mailman/listinfo/p2psip
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Roy, Radhika R Dr CTR USA USAMC
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- [P2PSIP] HIP DHT interface (was HIP pros and cons) Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- [P2PSIP] RE: HIP DHT interface (was HIP pros and … Ahrenholz, Jeffrey M
- Re: [P2PSIP] RE: HIP DHT interface (was HIP pros … Ali Fessi
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Joakim Koskela
- Re: [P2PSIP] RE: HIP DHT interface (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Bruce Lowekamp
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons Palanisamy, Kandasamy (Kandasamy)
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Bruce Lowekamp
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Ahrenholz, Jeffrey M
- Re: [P2PSIP] HIP DHT interface (was HIP pros and … Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] HIP DHT interface (was HIP pros and … Henry Sinnreich
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Fw: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- RE: [P2PSIP] Re: HIP pros and cons Henry Sinnreich
- Re: [P2PSIP] Re: HIP pros and cons Wei Gengyu
- Re: [P2PSIP] Re: HIP pros and cons Ingmar Baumgart
- Re: [P2PSIP] Re: HIP pros and cons Philip Matthews
- [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros and … Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- [P2PSIP] HIP performance concerns (was HIP pros a… Ali Fessi
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … David Barrett
- Re: [P2PSIP] Re: HIP pros and cons Spencer Dawkins
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Philip Matthews
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Philip Matthews
- RE: [P2PSIP] HIP performance concerns (was HIP pr… Henderson, Thomas R
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Hannes Tschofenig
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Philip Matthews
- RE: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Henderson, Thomas R
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons Brian Rosen
- RE: [P2PSIP] Re: HIP pros and cons Brian Rosen
- RE: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- RE: [P2PSIP] HIP performance concerns (was HIP pr… Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Dan York
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons Salman Abdul Baset
- Re: [P2PSIP] Re: HIP pros and cons Ali Fessi
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- RE: [P2PSIP] Re: HIP pros and cons David Barrett
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Miika Komu
- Re: [P2PSIP] Re: HIP pros and cons Miika Komu
- Re: [P2PSIP] HIP performance concerns (was HIP pr… Eric Rescorla
- Re: [P2PSIP] Re: HIP pros and cons Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Miika Komu
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- Re: [P2PSIP] HIP vs. TLS/DTLS/SRTP (was HIP pros … Eric Rescorla
- FW: [P2PSIP] Re: HIP pros and cons Andrey Lukyanenko