I doubt the necessity of the general encryption rules proposed in this draft. Due to the distributed structure of a P2P overlay, most nodes in the overlay are at the same security level. We only need to prevent eavesdropping from outside of the overlay. So, confidentiality provided by encrypting messages with the public key of the recipient will be costly and unnecessary. A public secure channel for routing and management messages among overlay nodes may be more efficient with reasonable confidentiality. This public secure channel can be established by the shared key among the overlay nodes.

Xiaofeng Qiu
MINE Lab, BUPT

On Mon, Mar 1, 2010 at 10:04 AM, Konstantinos Birkos <[email protected]> wrote:
> Dear all,
>
> A new Internet Draft entitled "Security Mechanisms and Key Refresh for
> P2PSIP Overlays" has been submitted. It can be accessed at:
>
> http://www.ietf.org/id/draft-birkos-p2psip-security-key-refresh-00.txt
>
> (filename: draft-birkos-p2psip-security-key-refresh-00)
> In this draft we present security extensions regarding the refreshment of
> the keying material and the certificates used by the peers in the P2PSIP
> overlay. Your comments on the proposed mechanisms would be highly
> appreciated. In addition, I would be glad to make a small presentation and
> discuss it in the upcoming IETF 77 meeting.
>
> Kind Regards,
> Konstantinos Birkos
>
> _______________________________________________
> P2PSIP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/p2psip
>
