Hi,
On 05/19/2014 09:08 PM, Robert Moskowitz wrote:
I have a real need to provide ESP tunnel mode from a HIP client to a
gateway. The world just won't go as nicely as I would have wanted it to.
location-based security is old fashioned :(
At the application layer, tunnel mode may have some implications on the
IPv4-IPv6 interoperability aspects of HIP.
In the HIPL manual, there is an example of running OpenVPN within the
BEET ESP connection, but I don't think that ends up with the same as ESP
tunnel mode.
We tried successfully OpenVPN over HIP and vice versa.
I suspect that others have given this more thought in actually
implementing it, so please direct me to any papers on this.
my dissertation lists the following papers:
* P. Salmela and J. Melén. Host Identity Protocol Proxy. In J. Filipe
and L. Vasiu, editors, ICETE, pages 222–230. INSTICC Press, 2005.
* G. Iapichino and C. Bonnet. Host Identity Protocol and Proxy Mobile
IPv6: a Secure Global and Localized Mobility Management Scheme for
Multihomed Mobile Nodes. In Proceedings of the 28th IEEE conference on
Global telecommunications, GLOBECOM’09, pages 578–583, Piscataway, NJ,
USA, 2009. IEEE Press.
* D. Zhang, X. Xu, J. Yao, and Z. Cao. Investigation in HIP Proxies,
Oct. 2011. Work in progress, Internet draft.
* T. Henderson, S. C. Venema, and D. Mattes. HIP-based Virtual Private
LAN Service (HIPLS), Mar. 2012.
* J. Melen, J. Ylitalo, and P. Salmela. Host Identity Protocol-based
Mobile Proxy, Aug. 2009. An expired Internet draft.
* R. H. Paine. Beyond HIP: The End to Hacking As We Know It. BookSurge
Publishing, 2009.
Also this one:
http://link.springer.com/chapter/10.1007%2F978-3-540-75993-5_11
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
