
Re: Last Call Comments on draft-ietf-shim6-hba-04

2007-11-25 19:30:14
At Mon, 26 Nov 2007 13:27:24 +1300,
Brian E Carpenter wrote:

On 2007-11-26 10:41, Eric Rescorla wrote:
At Mon, 26 Nov 2007 10:33:17 +1300,
Brian E Carpenter wrote:
On 2007-11-26 10:11, Eric Rescorla wrote:
At Mon, 26 Nov 2007 09:48:39 +1300,
Brian E Carpenter wrote:
On 2007-11-26 04:38, Eric Rescorla wrote:
...
Yes, I understand that, but again, your argument proceeds from the
premise that people won't want to deploy CGA. Given that substantial
effort was invested in that, I think it's reasonable to take
a step back and ask why some new approach will be more attractive,
not just assume that it will be because it points in some different
direction.
I think the scenarios are very different. To pay the costs of deploying
CGAs, you have to be worried about threats from interlopers on your
own infrastructure, as I understand things. HBAs deal with threats from
interlopers anywhere between the two ends of the shim6 session.
They're much easier to deploy since they use a nonce instead of
a key pair.
Hmm... I'm fairly familiar with crypto protocols and I don't see why
this makes them any easier to deploy. Can you please explain?
Well, if I understand HBA correctly, the nonce is automatically
generated. I must confess I haven't studied CGA closely, but I
presume that some affirmative action is needed to generate the keys.

Why?

I don't see why that would be any more the case with CGA than
with HBA.

The nonce generation in HBA will just happen when it's needed.

As will the CGA key generation.


It isn't obvious to me from looking over the SeND and CGA documents
when the key pair for CGA is created, but it certainly doesn't
fit in naturally like the HBA nonce. CGA is complicated by comparison.

I don't see where you're getting this from. At the time when you need
to create a new address, you simply create a new asymmetric key pair
and build the CGA. This fits in perfectly naturally. Yes, if you're
using a very high security parameter this may take a few seconds,
but the situation with HBA is exactly the same in that regard.

Actually, it's the HBA interface that's complicated, because you need
to create all your addresses at once and whenever you get a new prefix
you need to generate all new addresses. CGA doesn't have this problem.

-Ekr

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
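Eric's closing point, that an HBA node must regenerate every address when a prefix is added while a CGA node only mints one new address, made concrete as an added example; this is not code from the thread or from either draft. The hash constructions are deliberately simplified stand-ins for the real HBA and CGA encodings (not the RFC 3972 bit layout), and the prefixes, modifier and public-key bytes are constructed values.

```python
import hashlib

# Simplified, illustrative constructions (constructed for this example, not
# the exact RFC 3972 / HBA encodings). What matters is the binding: an HBA
# interface identifier commits to the whole prefix set, while a CGA interface
# identifier commits to a public key and a single prefix.

def _iid(material: bytes) -> str:
    """64-bit interface identifier, as hex, derived from SHA-256 of the input."""
    return hashlib.sha256(material).digest()[:8].hex()

def hba_set(prefixes, modifier: bytes) -> dict:
    """HBA: one address per prefix; every IID hashes modifier + the full prefix set."""
    canon = b"|".join(p.encode() for p in sorted(prefixes))
    return {p: f"{p}:{_iid(modifier + canon + p.encode())}" for p in prefixes}

def hba_verify(address: str, prefix: str, prefixes, modifier: bytes) -> bool:
    """A verifier recomputes the set-bound IID; any change to the set breaks it."""
    return hba_set(prefixes, modifier).get(prefix) == address

def cga_make(prefix: str, pubkey: bytes, modifier: bytes) -> str:
    """CGA: the IID hashes modifier + this prefix + the public key; no set involved."""
    return f"{prefix}:{_iid(modifier + prefix.encode() + pubkey)}"

def cga_verify(address: str, prefix: str, pubkey: bytes, modifier: bytes) -> bool:
    return cga_make(prefix, pubkey, modifier) == address

def hba_addresses_invalidated(prefixes, new_prefix: str, modifier: bytes) -> list:
    """Existing HBA addresses that stop verifying once new_prefix joins the set."""
    old = hba_set(prefixes, modifier)
    grown = list(prefixes) + [new_prefix]
    return [p for p in prefixes if not hba_verify(old[p], p, grown, modifier)]

def regeneration_cost(prefixes, new_prefix: str, pubkey: bytes, modifier: bytes) -> tuple:
    """(addresses an HBA node must regenerate, addresses a CGA node must generate)."""
    hba_count = len(hba_addresses_invalidated(prefixes, new_prefix, modifier)) + 1
    still_valid = all(cga_verify(cga_make(p, pubkey, modifier), p, pubkey, modifier)
                      for p in prefixes)
    cga_count = 1 if still_valid else len(prefixes) + 1
    return hba_count, cga_count

if __name__ == "__main__":
    prefixes = ["2001:db8:1::/64", "2001:db8:2::/64"]   # constructed prefixes
    modifier = bytes(16)                                # constructed; real ones are random
    pubkey = b"constructed-demo-public-key"             # constructed stand-in for a key
    print(hba_addresses_invalidated(prefixes, "2001:db8:3::/64", modifier))
    print(regeneration_cost(prefixes, "2001:db8:3::/64", pubkey, modifier))
```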