Glenn Morrow wrote:
> > In which case, I violently agree with Keith. We've already
> > overloaded IP addresses with two functions - locator and
> > identifier.
>
> I would rather see the WG focus on the value of using a bit to specify
> whether the address is intended to be both a locator and identifier or
> just a locator. I personally believe this would be a far better use of
> real estate than the other proposal. I certainly wouldn't expect any
> decision soon on either proposed use, though.

Well, the original idea was to reserve a bit to indicate that the
address is a Cryptographically Generated Address (CGA), basically
meaning that if the bit is set, then

    interface id = low64(hash(PK, stuff)) & mask

where

    PK     is a public key to be used as an identifier for the host
    stuff  contains other parameters (see the earlier messages)
    hash   is a cryptographic hash function, e.g. SHA1
    low64  is a function that takes the lowest 64 bits
    mask   indicates that we have to clear/set some bits of the iid

In essence, that would allow anyone to determine if a given public
key belongs to a host, just by inspecting the public key, the address,
and the "stuff" above. See e.g.

    Michael Roe and Greg O'Shea, "Childproof authentication for MIPv6",
    Computer Communications Review, April 2001,
    http://www.research.microsoft.com/users/gregos/CAM-v9.pdf

or

    Pekka Nikander, "Denial-of-Service, Address Ownership, and Early
    Authentication in the IPv6 World", Cambridge Protocols Workshop,
    April 2001, http://www.tml.hut.fi/~pnr/publications/cam2001.pdf

for research papers touching the idea. There are also a number of
internet drafts that describe in more detail how CGA could be
used for a number of purposes, including but not limited to Mobile
IPv6.

Unfortunately, this method is encumbered by IPR claims from Microsoft
and Ericsson, and therefore it received violent opposition at the
mobile-ip working group. As a result, the MIPv6 Design Team resolved
to the more modest proposal of just allocating the bits, in the
hope that the IPR issues could be dealt with in one way or another.

--Pekka Nikander
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
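
The interface-id derivation described in the message above, as an added example that is not part of the original e-mail or of any draft it refers to: it builds an address from a key and then checks a claimed key against that address. Assumptions not taken from the message: "stuff" is the 64-bit subnet prefix, PK is length-prefixed before hashing, the SHA-1 digest is read big-endian, the mask clears the IPv6 "u" and "g" bits, and the key bytes are constructed placeholders.

```python
import hashlib
import ipaddress
import struct

# Assumption: the mask clears the IPv6 "u" and "g" bits of the interface id.
IID_MASK = 0xFCFFFFFFFFFFFFFF
LOW64 = (1 << 64) - 1


def interface_id(pk: bytes, stuff: bytes, mask: int = IID_MASK) -> int:
    """interface id = low64(hash(PK, stuff)) & mask, with hash = SHA-1."""
    # Assumption: PK is length-prefixed so (PK, stuff) encodes unambiguously.
    digest = hashlib.sha1(struct.pack(">H", len(pk)) + pk + stuff).digest()
    # Assumption: the digest is read as a big-endian integer.
    return (int.from_bytes(digest, "big") & LOW64) & mask


def make_address(prefix: str, pk: bytes, stuff: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with the interface id derived from pk."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("a 64-bit interface id needs a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | interface_id(pk, stuff))


def verify(address: str, pk: bytes, stuff: bytes, mask: int = IID_MASK) -> bool:
    """Check that the address's interface id is the one derived from pk."""
    iid = int(ipaddress.IPv6Address(address)) & LOW64
    # Only the bits kept by the mask carry hash output, so compare only those.
    return (iid & mask) == interface_id(pk, stuff, mask)


# Constructed sample input: placeholder bytes, not real keys.
PREFIX = "2001:db8:0:1::/64"
PK = b"constructed-public-key-A"
OTHER_PK = b"constructed-public-key-B"
STUFF = ipaddress.IPv6Network(PREFIX).network_address.packed[:8]  # assumed "stuff"
ADDR = make_address(PREFIX, PK, STUFF)

if __name__ == "__main__":
    print(ADDR, verify(str(ADDR), PK, STUFF), verify(str(ADDR), OTHER_PK, STUFF))
```

A match shows only that the key and the address are bound together; a verifier still needs a signature made with the corresponding private key before treating the sender as the holder of that key.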