Re: Node Requirements: Issue 13 - CGA/SeND support

To: Hesham Soliman <hesham at elevatemobile.com>
Subject: Re: Node Requirements: Issue 13 - CGA/SeND support
From: arno at natisbad.org (Arnaud Ebalard)
Date: Fri, 24 Jul 2009 15:52:47 +0200
Cc: Thomas Narten <narten at us.ibm.com>, john.loughney at nokia.com, julienl at qualcomm.com, ipv6 at ietf.org, Brian E Carpenter <brian.e.carpenter at gmail.com>
Delivered-to: ipv6 at core3.amsl.com
In-reply-to: <C68FF6DE.E709%hesham at elevatemobile.com> (Hesham Soliman's message of "Fri, 24 Jul 2009 23:40:14 +1000")
List-archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-help: <mailto:ipv6-request@ietf.org?subject=help>
List-id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-post: <mailto:ipv6@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
References: <C68FF6DE.E709%hesham at elevatemobile.com>
User-agent: Gnus/5.110009 (No Gnus v0.9) Emacs/23.0.92 (gnu/linux)

Hi Hesham,

Hesham Soliman <hesham at elevatemobile.com> writes:

>> 
>> SeND is theoretically not easy to deploy - you need to provision
>> 
>> cryptography material on all nodes.
>
> => Why? You only need to provision routers if you want them to support proof
> of prefix ownership, but you certainly don't need to provision all nodes,
> that's the advantage of CGAs.

What's the point of SEND *for authenticating routers* if you use only
CGA and not certificates? And if you use certificates, then nodes need
to be provided with trust anchors. Or am I missing your point?

Cheers,

a+

Follow-Ups:
- Re: Node Requirements: Issue 13 - CGA/SeND support
  - From: Hesham Soliman

References:
- Re: Node Requirements: Issue 13 - CGA/SeND support
  - From: Hesham Soliman

Prev by Date: Re: Node Requirements: Issue 13 - CGA/SeND support
Next by Date: Re: Node Requirements: Issue 13 - CGA/SeND support
Previous by thread: Re: Node Requirements: Issue 13 - CGA/SeND support
Next by thread: Re: Node Requirements: Issue 13 - CGA/SeND support
Index(es):
- Date
- Thread

Re: Node Requirements: Issue 13 - CGA/SeND support

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.