Hi Jing,
> I have three questions about the new security requirements draft (-03): >(1) The threats and security requirements on DHT network or overlay are >discussed , but >what about the threats and security requirements on SIP? >Especially that what are the >threats on decentralized SIP? > Good question. I have discussed this question with Dan before, but we are so busy. You will see the text about it in the next revision. >(2) Why the layers in "Figure 2 P2PSIP architecture" are different from the >>architecture layers in RELOAD? The KBR Layer isn't included in the layers of >RELOAD, and >this layer is not defined in draft-ietf-p2psip-concepts-02. > I think the WG now have not achieved a consensus on the P2P layers. Bruce didn't mention that issue in his presentation. But I think the architecture are similar with Reload. We will surely make the architecture consistent with the WG's consensus. >From many papers, you will find KBR layer is often used. Anyway, we will keep >it consistent with the WG's consensus item. >(3) As I know, PKI-based certificate is not flexible enough nor bandwidth >efficient because of the size of keys and certificates used. Why we don't >consider to use >Identity-based security framework ? > I think Identity-based security framework may be easy to use in the self organzed network. But the purpose of this draft mainly is not to provide the concrete solutions. It just tell you what the security issues are in the overlay, and you should consider them when you establish a p2p overlay. Best Regards! -Song Haibin _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
