[Hipsec-rg] Re: Native HIP API questions in the hipsec-rg meeting

touch@ISI.EDU (Joe Touch) Sat, 21 August 2004 12:35 UTC

From: touch@ISI.EDU (Joe Touch)
Date: Sat Aug 21 12:35:01 2004
Subject: [Hipsec-rg] Re: Native HIP API questions in the hipsec-rg meeting
In-Reply-To: <6938661A6EDA8A4EA8D1419BCE46F24C04060809@xch-nw-27.nw.nos.boeing.com>
References: <6938661A6EDA8A4EA8D1419BCE46F24C04060809@xch-nw-27.nw.nos.boeing.com>
Message-ID: <41252460.5040509@isi.edu>

Henderson, Thomas R wrote:

> 
>>-----Original Message-----
>>From: Joe Touch [mailto:touch@ISI.EDU]
>>Sent: Monday, August 16, 2004 9:20 PM
>>To: Tim Shepard
>>Cc: Lars Eggert; Miika Komu; hipsec-rg@honor.trusecure.com; Andrew
>>McGregor
>>Subject: [Hipsec-rg] Re: Native HIP API questions in the hipsec-rg
>>meeting
> 
> 
>>I always thought of HIP as having two uses:
>>
>>	1. given global IDs and a rendezvous IP address, start a
>>	connection with that ID via the rendezvous. either the
>>	rendezvous point forwards the connection request, or replies
>>	with further info on how to find that ID
>>
>>	2. given an initial IP address, go there and get an ID
>>	that is unique only to you and that end; allow the endpoints
>>	to move once established, based on keeping that ID
>>
>>I always thought of HIP as focusing on (2); (1) is somewhat 
>>nonsensical, 
>>as Tim points out above. 
>>
> 
> 
> If HIP focused on (2), then it would seem to just be a heavyweight 
> version of purpose built keys or TCP-migrate or similar proposals.
> 
> I've always thought of HIP as having most applicability when upper 
> layer protocols including applications would prefer to name end 
> systems by a global ID.  In general, this requires a resolution
> infrastructure, but one can get part of the way there perhaps
> by using DNS and/or certificate chains.
> 
> Tom

We already have a DNS which provides a global resolution structure. What 
is the gain in having a global ID space?

Far as I can tell, you need the DNS (or a copy that's just as 
complicated and global) to give you the rendezvous points. If the dest 
IS the rendezvous point, you're done. Why bother putting the ID in the 
DNS and ensuring that it's global?

Joe
