On 04/22/2010 12:30 PM, L. Aaron Kaplan wrote:
On Apr 22, 2010, at 7:24 PM, Dave Taht wrote:
On 04/22/2010 10:42 AM, Juliusz Chroboczek wrote:
I am curious if you have considered adding a security extension to any
extent in the upcoming releases?
No. What do you have in mind?
Juliusz
I saw you had left room for it, throughout the protocol specification. A
problem with all the mesh routing protocols available to date is the total lack
of security in them.
The only halfway decent IPv6 capable AND secure protocols are BGP and OSPFv3,
and secure OSPF under ipv6 requires (shudder) IPsec in order to work. (
Actually, somebody got OSPF and IPV6 and IPSEC to work recently -
Why do you think BGP is secure?
"secure" in a social retribution sense - yes. Secure by design - I am not so
sure.
a.
I concur about secure BGP's limitations. It's what I meant by "halfway
decent". As for OSPFv3 + IPsec + IPv6, it's actually, well, not
horrible. I had never heard of anyone getting it to work before today,
actually.
PS: what Benjamin mentioned goes back to a paper by Microsoft research. If you
want I can search for it.
_______________________________________________
Babel-users mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/babel-users
