Jari T. Malinen writes:
 > I am not sure we understand orthogonality the same way,
 > what I meant was that the only real issue with HAO is how
 > to protect it end-to-end always. There is no improvement
 > in this respect if we change HAO to a new extension header.
 > The security issue is not HAO-specific, we need to protect
 > any header carrying the HAddr against cases brought up by
 > Pekka.

   Right. I think we're saying the same thing.

 > Hence, once a "weak authentication" method is chosen it
 > is again possible to always protect HAO (as well as even a
 > nicer tunneling header). We still need a MAC field for that and
 > for this there is an easy way. To conclude, dst.hdr is in RFC,
 > the new proposal an individual draft so I'd say it could be
 > something to consider for a second generation of Mobile IPv6,
 > perhaps.

   I'm afraid that there's more to this than that.
   One of the implications of Pekka's observation is
   that the binding cache is no longer a cache. That
   is, you cannot evict the cache entry and still
   function properly. The reason is not the CoA and
   RH, which will clearly still work, but the HAO. If
   you drop the cache entry, the CN will see a HAO
   which it doesn't know whether to believe and thus
   would have to drop (or send a binding solicit,
   etc.). This bothers me quite a bit, as going from
   soft state to hard state should never be taken
   lightly.

                Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
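The soft-state versus hard-state point in Mike's message, worked through as an added example (this is not code from the original post or from any Mobile IPv6 implementation). It is a toy model of a correspondent node: a binding cache mapping home address to care-of address, inbound processing of a packet carrying a Home Address Option, and outbound processing with a routing header. All addresses are made up, and the model omits lifetimes, sequence numbers and the MAC / authentication step the thread discusses; it only shows what happens to each direction when the binding cache entry is evicted.

```python
"""Toy model of a correspondent node (CN) handling Mobile IPv6 packets.

Constructed example: addresses are made up, and the binding-cache logic is
deliberately simplified (no lifetimes, no sequence numbers, no MAC checks).
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

CN = "2001:db8:c::1"      # the correspondent node's own address (made up)
HOA = "2001:db8:a::10"    # mobile node's home address (made up)
COA = "2001:db8:b::20"    # mobile node's current care-of address (made up)


@dataclass
class Packet:
    src: str                   # source address on the wire
    dst: str                   # destination address on the wire
    hao: Optional[str] = None  # Home Address Option (inbound): claimed home address
    rh: Optional[str] = None   # routing header (outbound): final hop = home address


class BindingCache:
    """Home address -> care-of address, as learned from Binding Updates."""

    def __init__(self) -> None:
        self._entries: Dict[str, str] = {}

    def update(self, hoa: str, coa: str) -> None:
        self._entries[hoa] = coa

    def evict(self, hoa: str) -> None:
        # A cache is allowed to drop any entry (memory pressure, ageing).
        # The question is what that eviction costs once a HAO must be verified.
        self._entries.pop(hoa, None)

    def lookup(self, hoa: str) -> Optional[str]:
        return self._entries.get(hoa)


def cn_receive(cache: BindingCache, pkt: Packet) -> Tuple[str, str]:
    """Inbound: return (verdict, source address the upper layer would see)."""
    if pkt.hao is None:
        return ("accept", pkt.src)            # ordinary packet, nothing to verify
    bound_coa = cache.lookup(pkt.hao)
    if bound_coa is None:
        # No binding for the claimed home address: the CN cannot tell a genuine
        # HAO from a spoofed one, so it must drop the packet (or solicit a
        # Binding Update) rather than silently rewrite its source address.
        return ("drop_or_solicit", pkt.src)
    if bound_coa != pkt.src:
        return ("drop_mismatch", pkt.src)     # HAO contradicts the binding we hold
    return ("accept", pkt.hao)                # swap CoA -> HoA for the upper layer


def cn_send(cache: BindingCache, hoa: str) -> Packet:
    """Outbound: route-optimise if a binding exists, else fall back to the home address."""
    coa = cache.lookup(hoa)
    if coa is None:
        return Packet(src=CN, dst=hoa)        # no routing header; home agent forwards it
    return Packet(src=CN, dst=coa, rh=hoa)


def demo() -> dict:
    cache = BindingCache()
    cache.update(HOA, COA)
    inbound = Packet(src=COA, dst=CN, hao=HOA)
    spoofed = Packet(src="2001:db8:d::bad", dst=CN, hao=HOA)   # attacker claims HOA (made up)
    before = {"rx": cn_receive(cache, inbound),
              "spoof": cn_receive(cache, spoofed),
              "tx": cn_send(cache, HOA)}
    cache.evict(HOA)                          # treat the binding as soft state and drop it
    after = {"rx": cn_receive(cache, inbound),
             "tx": cn_send(cache, HOA)}
    return {"before": before, "after": after}


if __name__ == "__main__":
    for phase, result in demo().items():
        print(phase, result)
```

Running `demo()` shows the asymmetry the message describes: after eviction the outbound side degrades gracefully (the CN simply addresses the home address and drops the routing header), but the inbound side cannot, because a packet carrying a HAO with no binding behind it is indistinguishable from a spoofed one and has to be dropped or answered with a solicitation.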