On 11/17/2017 10:49 AM, Alberto Rodriguez-Natal wrote:
Just to clarify what was discussed in the meeting. The nonce used in
the Map-Request requesting the subscription will be used in the
Map-Notify that confirms the subscription. This is at top of page 6 in
the draft.
Similarly, a Map-Notify sent as publication will be ack'ed by a
Map-Notify-Ack using its nonce.
Albero,
My understanding from Dino's comment at the make was that in his
implementation the map-notify has the nonce from the original map-request.
The reason I asked about this is that there are some additional security
benefits if the map-notify has a nonce which corresponds to what the xTR
had sent in the map-request. Otherwise you need some other mechanism to
guard against receiving spoofed map-notifies.
Erik
https://tools.ietf.org/html/draft-rodrigueznatal-lisp-pubsub-01
Thanks,
Alberto
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
