Jari T. Malinen writes:
> For people not to get wrong impression, there is nothing unsolvable
> in the remaining issues on the table in mobileip wg for Mobile IPv6.
> All issues raised have so far been analyzed in concerns drafts,
> and sets of solutions proposed. The question currently is more
> to conclude the selection process among the proposed solutions.
>
> One issue on the table is the scalability of key distribution in
> infrastructureless case. Changing tunneling format is an orthogonal
> issue to this and I have not understood what so far unsolvable
> would such a change achieve. Proposals by people working in security
> providing "weak authentication" e.g. based on return routability,
> have appeared and been under scrutiny.
Jari,
I agree that the tunnel format is orthogonal to
the security question. I think that what Pekka and
others have been pointing out is that the HAO is,
in fact, another form of bits-on-the-wire
optimized tunnel, much like the routing header.
While the actual way you encode these tunnels is
orthogonal as you point out, I think that what has
been neglected is the security considerations of
the HAO qua tunnel, until Pekka brought this up.
It's still a good observation.
What I gather that Steve is bringing up is that
maybe we wouldn't have been lulled about the
possible dangers of the HAO for so long if it had
been more obvious that the HAO was a tunnel, and
that maybe this would be better to solve once and
for all. I think that idea has some merit, because
creating any-any tunnels may well have other uses
beyond mobile IP.
Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
