Re: [Sip] comments on draft-kupwade-sip-iba-00

> -----Original Message-----
> From: sip-bounces@ietf.org [mailto:sip-bounces@ietf.org] On Behalf Of Eric
> Rescorla
> Sent: Thursday, February 28, 2008 2:14 PM
>
> > And of
> > course, IBE could provide for message privacy as well as integrity
> > across the untrusted peers that will be serving as proxies.
>
> And now we're talking about something totally different: IBE.
> I agree that IBE has significantly different characteristics from
> PKI. The problems with IBE in SIP are totally different: namely
> not knowing the actual identity of the recipietn of the message.
> This is the norm in both SIP (retargeting) and P2P (churn)
> systems.

Not to belabor this topic, but I don't think retargeting is an issue for SIP use of IBE, if by that you mean Alice sent a request to Bob and it got retargeted to Charles and thus Charles could not decrypt it.  It would be considered a feature to some folks.  It would take a second request to fix it, but that's only if retargeting occurs, and then the caller gets to decide if they want to do it to Charles.

The real killer for SIP usage of IBE is that Alice has no idea what KG group Bob is a member of a priori.  For example if Alice is a member of a KG group called "CLINTON", and Bob is a member of KG group "OBAMA".  Alice won't know ahead of time that Bob is a member of OBAMA.  Even if Alice had the OBAMA keying info at hand to use, she wouldn't know Bob is a member of it until she tries reaching Bob.  Since that would happen a lot, there's no serious advantage over conventional pub-key retrieval to encrypt, methinks.

-hadriel
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip