I like to think that the IETF standards process has considerable value, and 
that the specifications that we produce as standards-track RFCs are 
higher-quality, not just in document quality but in the technical quality of 
the protocols, than the documents that enter the process.
What do you think about ISO standards (or RFCs imported from them)?


1) A mandatory-to-implement security mechanism.  The current draft says that 
security can be accomplished by using a lower-layer security solution, like 
IPsec.  It doesn't specify one, and (perhaps more importantly) doesn't specify 
how the Babel session would be bound to a lower-layer security mechanism. A 
lower layer mechanism can't really be used to secure a higher-layer protocol, 
unless the identifiers used in the higher-layer protocol are properly bound to 
the identifiers used in the lower-layer security mechanism.
There is RFC7298 for Babel which is mentioned in the comparison draft. On a more general matter, IIRC both our candidates (and I think most IETF routing protocols) have equally non-existent asymmetric authentication and that is not even talking about encryption. If you want to have encrypted routing protocol traffic, you are going to have a bad time last time I looked.

The best we can currently achieve seems to be HNCP managing a PSK to at least have symmetric authentication.


Cheers,

Steven

_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to