On Fri, Nov 20, 2009 at 12:02 AM, Patrick Frejborg <[email protected]> wrote:
> > When moving, your identifier will still be kept, not changed, but your
> > locator will be changed. The mapping between the identifier and the
> > changing locator (and its retrieval) will have to be done by a server
> > in the infrastructure (perhaps an extended DNS or rendezvous server(?)
> > in HIT) in a very efficient manner.
> >
>
> Yes, this is the host identifier approach - very similar to a PKI
> infrastructure but the PKI doesn't offer mobility, the PKI certificates
> do have global uniqueness. Another approach is to use a session
> identifier that can offer mobility, the session identifier is not
> globally unique - it is just used to identify the session when the
> endpoint is moving from one attachment point to another.
>

Bought. Yet, is PKI a necessity or a group consensus already? What about
host ID (HID) in HIP, which, as I know, is also protected. (Encrypted but not
authenticated?) How is HID different from the PKI you described? Do they
have the same problem as PKI? I thought the main objective of HIP was to
solve the fast mobility problem, so their idea of HID (and so HIT) would not
hinder fast mobility, only if the rendezvous operation is efficient enough.

>
> Both identifiers can be used concurrently, if the context of the
> session is sensitive then use the session identifier for mobility and
> to identify the remote endpoint after the transition authenticate
> again the endpoints by the PKI infrastructure.
>

Also bought.

>
> If the content is not sensitive - do you need to authenticate the
> remote endpoint again? Probably not, but mobility might be required
> and for that the session identifier is good enough - usually it is the
> client that moves around and the server is fixed. Or if both endpoints
> move around you would need a rendezvous server - but I think it has been
> solved on the application layer already, e.g. SIP registrar & proxy,
> Skype, Instant Message solutions, peer-to-peer applications etc.
>

OK.

>
> The problem is that some applications use IP addresses to identify
> the session, because there is no session layer in the TCP/IP model
> (the OSI model and AppleTalk do have one) - the lack of the session layer
> is in my opinion the problem. So if the application could identify the
> session with the help of a token much better mobility could be
> achieved.
>

I'm a bit surprised that, in this Internet community, there're some people
ready to borrow an idea from OSI... :-). Or is it from AppleTalk? I'm
personally an admirer of Apple or more correctly Jobs.

> Unfortunately it would require changes to some applications - but it
> is the right place to fix the problem. If the application can not be
> changed and mobility is required, then use Mobile IP.
> A simple session layer would make the networking so much easier.
>

Introducing the session ID would require a lot of change in the current
Internet operation. In the attempt of my proposal, I'd tried to minimize the
disturbance to the current Internet infrastructure. So, I chose to make
compromises even if it would not perfectly match a more ideal architecture
of my belief. If this discussion would be with the Future Internet
community, I'd have proposed a more drastically different idea.

--
Regards,
DY
http://cnu.kr/~dykim
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
