Pekka,
> Thus, this all is really about zero-configuration security. Such
> security, by nature, is never "strong" by the strict definition of
> strong, but it can be *much* stronger than the current no-security
> situation. Basically, such security can provide quite a lot of
> defence against various DoS attacks.
>
I think you are making too strong a claim here. All that CGA does is
allow a node to know that a packet came from a node claiming to possess
a certain public key. The packet could have been rewritten in transit,
or the public key may not come from a reliable source, etc. Real end to
end security requires being able to authenticate that the packet
contents were not modified in transit, i.e. a digital signature, and
that the public key can be trusted. If a signature is used, then
Diffie-Hellman or another protocol is required, and both sides must
agree on the protocol and the parameters, e.g. p and g if Diffie-Hellman
is used, and that the public key came from a trusted source.

I think CGA is a good solution to the MIPv6 BU security problem, and
maybe for ND security as well, but I think it is prudent to not
overstate the case.

jak
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
--------------------------------------------------------------------
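
The limits described in the message above, as an added example that is not part of the original mail: a simplified Python model of a cryptographically generated address, with the interface identifier taken from a SHA-1 hash of the subnet prefix and the public key (an assumption for illustration, not the standardized CGA format). The function names, the byte-string keys and the 2001:db8 prefix are constructed.

```python
import hashlib
import ipaddress


def cga_address(prefix: str, public_key: bytes) -> ipaddress.IPv6Address:
    """Simplified CGA: interface ID = first 64 bits of SHA-1(prefix || key)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 subnet prefix")
    prefix_bytes = net.network_address.packed[:8]
    digest = hashlib.sha1(prefix_bytes + public_key).digest()
    iid = bytearray(digest[:8])
    iid[0] &= 0xFC  # clear the u and g bits of the interface identifier
    return ipaddress.IPv6Address(prefix_bytes + bytes(iid))


def check_packet(source: str, public_key: bytes, payload: bytes) -> bool:
    """The address-to-key binding check on its own.

    It answers one question: does the key presented with the packet hash
    to the source address? The payload is deliberately not an input, and
    nothing here says who generated the key.
    """
    addr = ipaddress.IPv6Address(source)
    prefix = ipaddress.IPv6Network((addr.packed[:8] + bytes(8), 64))
    return cga_address(str(prefix), public_key) == addr


def demo() -> dict:
    prefix = "2001:db8:0:1::/64"        # constructed documentation prefix
    key_a = b"constructed-public-key-A"  # stands in for a real public key
    key_b = b"constructed-public-key-B"  # a key from a party nobody vouches for
    addr_a = str(cga_address(prefix, key_a))
    addr_b = str(cga_address(prefix, key_b))
    return {
        # The owner's key matches the owner's address.
        "own_key": check_packet(addr_a, key_a, b"binding update"),
        # Another key cannot claim that address.
        "wrong_key": check_packet(addr_a, key_b, b"binding update"),
        # A payload changed in transit still passes the binding check.
        "rewritten_payload": check_packet(addr_a, key_a, b"altered in transit"),
        # Any self-generated key yields an address that verifies.
        "unknown_party": check_packet(addr_b, key_b, b"hello"),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:18} {ok}")
```

The last two results are the caveats raised in the message: payload integrity needs a signature over the packet contents, and trust in the key has to come from somewhere other than the address.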