I like to think that the IETF standards process has considerable value, and
that the specifications that we produce as standards-track RFCs are
higher-quality, not just in document quality but in the technical quality of
the protocols, than the documents that enter the process.
What do you think about ISO standards (or RFCs imported from them)?
1) A mandatory-to-implement security mechanism. The current draft says that
security can be accomplished by using a lower-layer security solution, like
IPsec. It doesn't specify one, and (perhaps more importantly) doesn't specify
how the Babel session would be bound to a lower-layer security mechanism. A
lower layer mechanism can't really be used to secure a higher-layer protocol,
unless the identifiers used in the higher-layer protocol are properly bound to
the identifiers used in the lower-layer security mechanism.
There is RFC7298 for Babel which is mentioned in the comparison draft.
On a more general matter, IIRC both our candidates (and I think most
IETF routing protocols) have equally non-existent asymmetric
authentication and that is not even talking about encryption. If you
want to have encrypted routing protocol traffic, you are going to have a
bad time last time I looked.
The best we can currently achieve seems to be HNCP managing a PSK to at
least have symmetric authentication.
Cheers,
Steven
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet