Hi Luigi, Thanks for your reply.
> On Jun 15, 2022, at 5:29 AM, Luigi Iannone <[email protected]> wrote: > > Hi John, > > AFAICT the reason is very simple, LISP-SEC has been designed to secure > existing LISP control plane messages, not to add new messages. > So it is able to protect the Map-Request and Map-Reply messages flowing > around but it never generates any LISP-SEC specific message. Point taken, but see below. > The action you are suggesting at the end of your discuss needs a new message, > which is not inline with the design decision taken for this draft. I guess I didn’t express myself clearly. For example, in the case of disagreement on KDF ID, since the ITR is going to throw away the Map-Reply anyway, it appears as though the Map-Server could return a Map-Reply containing LISP-SEC ECM Authentication Data whose EID-AD Length is 4 and simply proposing a new KDF ID. That would reuse existing messages without doing throwaway work, wouldn’t it? Thanks, —John _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
