Ron, I am having trouble with the question.
The threats document describes the threats as they exist today, without
the adoption of either document that Roger pointed to. Thus, I do not
see any dependence.
If there is a threat that is not well described in the base spec or this
document, then we should add it. We should add it even if there are
proposals to remediate it. But if there is a clear proposal of a
missing threat, I missed it.
Yours,
Joel
On 5/13/14, 1:31 PM, Ronald Bonica wrote:
Hi Roger,
Or asked more explicitly, can the level of security claimed by the threats
document be achieved without implementing the protocol extensions described in
lisp-sec and lisp-crypto?
Ron
-----Original Message-----
From: Ronald Bonica
Sent: Tuesday, May 13, 2014 1:22 PM
To: 'Roger Jørgensen'; Ross Callon
Cc: [email protected]
Subject: RE: [lisp] Restarting last call on LISP threats
Hi Roger,
Can this draft stand on its own, without integrating content from the
documents that you reference?
Ron
There exist two draft that are relevant to what you address.
You have https://datatracker.ietf.org/doc/draft-farinacci-lisp-crypto/
where the payload of a LISP encapsulated packet are encrypted. None of
the keys for encrypting/decrypting are stored in the mapping system
but is calculated by the xTR's involved.
Then you have https://datatracker.ietf.org/doc/draft-ietf-lisp-sec/
that attempts to secure the xTR to xTR relationship.
--
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
