> I like it. This is actually something that Fabio and I discussed some time
> ago as a possible option but we never really closed on it.
So both the Map-Request AD and Map-Reply AD need changes to include the wrapped pubsub key (I referred to this key in the last email as the “new key-material”). So a summary:

(1) The MS generates a random number, that is the pubsub key, and encrypts it with the ITR-OTK. Either proxy replies to the ITR or forwards the Map-Request to the ETR with the wrapped pubsub key in the AD field. In the latter case, the ETR forwards that wrapped key to the ITR.

(2) The ITR decrypts the wrapped key with the ITR-OTK.

(3) Any Map-Notify messages are signed with the pubsub key and verified by the ITR with the same shared pubsub key. Both the ITR and MS (where the subscription state is stored) hold the pubsub key.

Rekeying can reoccur whenever the above is done again and the map-server decides to allocate a new random number.

Agree? Comments?

Dino

_______________________________________________
lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
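The three-step flow summarized in the message above, as an added example that is not from the thread or from any LISP implementation. The wrap primitive (an HMAC-SHA256 keystream under the ITR-OTK plus an HMAC tag) is an assumption standing in for whatever cipher the draft would specify, and the Map-Notify payload is constructed.

```python
import hmac
import hashlib
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 tag appended to the wrapped pubsub key


def _keystream(key: bytes, label: bytes, n: int) -> bytes:
    """Derive n bytes of keystream from a key (assumed wrap primitive, not from the draft)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hmac.new(key, label + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def wrap_key(itr_otk: bytes, pubsub_key: bytes) -> bytes:
    """MS side, step (1): encrypt the pubsub key under the ITR-OTK and add an integrity tag."""
    ks = _keystream(itr_otk, b"lisp-pubsub-wrap", len(pubsub_key))
    ct = bytes(a ^ b for a, b in zip(pubsub_key, ks))
    tag = hmac.new(itr_otk, b"tag" + ct, hashlib.sha256).digest()
    return ct + tag  # this is what goes in the AD field


def unwrap_key(itr_otk: bytes, wrapped: bytes) -> bytes:
    """ITR side, step (2): verify the tag, then recover the pubsub key; reject tampering."""
    ct, tag = wrapped[:-TAG_LEN], wrapped[-TAG_LEN:]
    expected = hmac.new(itr_otk, b"tag" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrapped pubsub key failed integrity check")
    ks = _keystream(itr_otk, b"lisp-pubsub-wrap", len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def sign_map_notify(pubsub_key: bytes, payload: bytes) -> bytes:
    """MS side, step (3): authenticate a Map-Notify with the shared pubsub key."""
    return hmac.new(pubsub_key, payload, hashlib.sha256).digest()


def verify_map_notify(pubsub_key: bytes, payload: bytes, sig: bytes) -> bool:
    """ITR side, step (3): constant-time check of the Map-Notify signature."""
    return hmac.compare_digest(sign_map_notify(pubsub_key, payload), sig)


def run_exchange(itr_otk: bytes):
    """One full round; calling it again models a rekey (MS picks a fresh random number)."""
    ms_pubsub_key = os.urandom(32)                 # (1) MS allocates the pubsub key
    ad_field = wrap_key(itr_otk, ms_pubsub_key)    #     ... and wraps it for the ITR
    itr_pubsub_key = unwrap_key(itr_otk, ad_field)  # (2) ITR unwraps (directly or via the ETR)
    notify = b"Map-Notify: constructed EID-to-RLOC mapping update"  # constructed payload
    ok = verify_map_notify(itr_pubsub_key, notify, sign_map_notify(ms_pubsub_key, notify))
    return itr_pubsub_key, ok
```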