On 3/31/15 2:44 PM, Margaret Wasserman wrote:
On a more general matter, IIRC both our candidates (and I think most IETF
routing protocols) have equally non-existent asymmetric authentication and that
is not even talking about encryption. If you want to have encrypted routing
protocol traffic, you are going to have a bad time last time I looked.
I don't know if a mechanism to encrypt routing protocol traffic is needed to
make Babel (or IS-IS) reasonably secure. There are only limited use cases
where it is desirable to hide the existence of routers or the topology of the
local network from nodes on the local network, and encrypting the routing
protocols wouldn't be sufficient to accomplish all of that.
The larger point is that security != crypto.
Mike
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet