In <http://www0.cs.ucl.ac.uk/research/researchnotes/documents/RN_05_22.pdf>, you can read "The use of Identifiers enables firewalls to have access control rules that are based on identity, rather than address or location. This might permit a corporate IT security manager to give the CEO's laptop more privileges than a network-capable ID badge reader, for example."
This claim is not reproduced in the current set of I-D and rightly so: because ILNP has no protection of the Identifier (such as ORCHID), it is easy to lie about your Identifier. So, what are the good practices for firewalls with ILNP? The current set of I-D does not mention it (may be it is too early). I would say that, since you can get *some* authentication of the Locator (BCP 38, returnability with protocols like TCP), filtering on the Locator may be a sensible idea while filtering on the Identifier is a very bad one. This would be consistent with the current practice. With Apache, when you write 'Allow from 2001:660:3003::/48', you say "Allow every machine which happens to be connected in this network". You authorize a localisation, not an identity. Do you think it would be a good addition in Security Considerations for future documents? _______________________________________________ rrg mailing list [email protected] http://www.irtf.org/mailman/listinfo/rrg
