On 11 Dec 2008, at 21:53, Xu Xiaohu wrote:
Even the cryptographically generated ID suffers ID theft/forgery, then what about the ordinay ID without such security mechanism?
For ILNP, please read the I-Ds and see the past notes to this list. I can't speak to other concepts here. Again, note that precisely the same issue exists today in the deployed Internet -- for IPv4 and also for IPv6.
Yes. However, the id/locator split will make the situation worse if no special security mechanism is taken.
ILNP has some very practical low computational complexity mechanisms to provide protection. For protection equivalent to ordinary IPv6 (without IPsec), the Nonce suffices. As with IPv6, ILNP can optionally use IP Security to provide stronger cryptographic protections. (Of course, HIP uses IP Security also.) Cheers, Ran [email protected] PS: A revised set of ILNP I-Ds came out on Wednesday this week. _______________________________________________ rrg mailing list [email protected] https://www.irtf.org/mailman/listinfo/rrg
