On Tue, Oct 28, 2014 at 2:30 AM, Christian Huitema
wrote:
> CGA-TSIG is a possible solution to the "secure-provisioning" problem. The
> IPv6 CGA address contains a hash of a public key used to secure the
> service. If the address is provisioned in a secure manner, then the client
> can authentica
Hi Christian,
Thanks for sharing your opinion about current approaches and also CGA-TSIG.
> If we do change the client and resolver, a number of alternatives can
> be used, such as:
>
> * Use the same trick as CGA but encode the hash of the certificate as a
> name part, e.g. "AF4563ED0B561.exa
CGA-TSIG is a possible solution to the "secure-provisioning" problem. The IPv6
CGA address contains a hash of a public key used to secure the service. If the
address is provisioned in a secure manner, then the client can authenticate the
resolver, by verifying that the resolver's certificate mat
Hi Phillip,
Thanks for your message. I tagged my message with my name since I converted it
to text.
TSIG is only authentication so you have to add encryption. And the original
TSIG assumed keys would be passed out of band so it needs a key exchange.
[Hosnieh] Yes that is true. It is only authe
On Mon, Oct 27, 2014 at 10:45 AM, Paul Hoffman
wrote:
> On Oct 27, 2014, at 7:36 AM, Hosnieh Rafiee
> wrote:
>
> > So why do you think it is distraction for the WG that addresses privacy?
>
> I said I thought it was a distraction; discussing it further would be more
> of a distraction.
>
Which
> > So why do you think it is distraction for the WG that addresses
> privacy?
>
> I said I thought it was a distraction; discussing it further would be
> more of a distraction.
Unfortunately, I haven't received any answer to the question that "why it is
distraction?". I only received ambiguous
On Oct 27, 2014, at 7:36 AM, Hosnieh Rafiee wrote:
> So why do you think it is distraction for the WG that addresses privacy?
I said I thought it was a distraction; discussing it further would be more of a
distraction.
--Paul Hoffman
___
dns-privacy
> >
> > It is a distraction for this WG and should not be considered.
>
> +1
It would be good to know the reason before just simply say I agree or disagree
does not help to understand the reason. Does this group address privacy? If so
why a solution to a privacy is not acceptable for this group
Hi Paul,
>
> On Oct 27, 2014, at 1:03 AM, Hosnieh Rafiee
> wrote:
> > I guess you have heard about CGA-TSIG. What do you think about the
> approach explained there?
>
> Is still has many confusing dependencies that make it hard to
> understand, and it vastly oversells the IPv4 capabilities.
Wou
On Mon, Oct 27, 2014 at 10:20 AM, Paul Hoffman wrote:
> On Oct 27, 2014, at 1:03 AM, Hosnieh Rafiee wrote:
>> I guess you have heard about CGA-TSIG. What do you think about the approach
>> explained there?
>
> Is still has many confusing dependencies that make it hard to understand, and
> it va
On Oct 27, 2014, at 1:03 AM, Hosnieh Rafiee wrote:
> I guess you have heard about CGA-TSIG. What do you think about the approach
> explained there?
Is still has many confusing dependencies that make it hard to understand, and
it vastly oversells the IPv4 capabilities.
> What do you think?
It
> On Mon, Oct 27, 2014 at 09:55:08AM +, Hosnieh Rafiee
> wrote a message of 28 lines which said:
>
> > This is the problem of IETF mailinglist that categorized my message
> > automatically under your thread here
>
> I strongly doubt it, since *your* message included:
>
> References: <2014
On Mon, Oct 27, 2014 at 09:55:08AM +,
Hosnieh Rafiee wrote
a message of 28 lines which said:
> This is the problem of IETF mailinglist that categorized my message
> automatically under your thread here
I strongly doubt it, since *your* message included:
References: <20141027074613.ga14..
Hi Stephane,
> -Original Message-
> From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr]
> Sent: Monday, October 27, 2014 9:23 AM
> To: Hosnieh Rafiee
> Cc: dns-privacy@ietf.org
> Subject: Re: [dns-privacy] What about CGA-TSIG as a solution for DNS
> privacy?
>
&
On Mon, Oct 27, 2014 at 08:03:48AM +,
Hosnieh Rafiee wrote
a message of 19 lines which said:
> I guess you have heard about CGA-TSIG.
Please do not steal threads: start a new thread (otherwise, your
message will be filed under the thread I started, for some users).
__
15 matches
Mail list logo