With respect to security in LHIP by using hash-chains, we consider them for LISP, but requires 3 to 4 packet exchanges, so a non-starter.
I don't think so, but I'm no longer an expert there. (I used to know crypto protocols around 1998-2002, but I no longer can claim so.) For unprotected opportunistic case, I think you can simply send your hash anchors in the opening packet.
But then association initiation is a very subtle business with lots of DoS and other security pitfalls. You have to make a balance between resource exhausting DoS protection and the number of roundtrips.
--Pekka _______________________________________________ rrg mailing list [email protected] https://www.irtf.org/mailman/listinfo/rrg
