>> If registrations and requests are encrypted, then anyone could run the roots >> and the what goes in and out of the mapping system stays private. But there >> needs to be competition so the level of service stays at a high-quality >> production level. > What is your vision? How much of the mapping data can be encrypted and > how much information about the mapping owner can be hidden from the
Well I think we can encrypt the transport of messages from LISP sites to the mapping system. As to encrypting the stored state at the map-servers could also be done but here are some caveats: (1) If the MSP is providing proxy-reply services it has to return Map-Replies to ITRs/PITRs. It can do so with lisp-sec for security. But the information needs to be stored in plaintext. (2) All the map-servers need to know when they are not proxy-replying is to know the RLOCs of the ETRs of the site that registered the information (and not so much all of the RLOC-records that were registered) so the map-servers can forward Map-Requests to the ETRs so they can Map-Reply. > mapping system operator? The ID cannot be encrypted as it is used as > retrieval key. When we want to make sure that only rightful owners of Right. At a minimum, the amount of plaintext that is stored in the map-servers are EID-prefix and the RLOCs in the RLOC-set (for case (2) above). > IDs can register, the mapping system provider needs to authenticate the That is done today with a Map-Register that contains an authentication hash across the entire Map-Register message. > mapping owner. Can you elaborate the problem you are tackling and the > solution in more detail? I was solely asking if the messaging to the mapping system should be confidential. Dino _______________________________________________ nvo3 mailing list nvo3@ietf.org https://www.ietf.org/mailman/listinfo/nvo3