Term | Explanation |
---|---|
Public key | The public key of an asymmetric cryptographic key pair. Used as a publicly known identifier for cryptographic identity authentication. Public is a relative term here, ranging from "known to peers only" to "known to the world". |
Private key | The private or secret key of an asymmetric cryptographic key pair. Assumed to be known only to the party identified by the corresponding public key. Used by the identified party to authenticate its identity to other parties. |
Public key pair | An asymmetric cryptographic key pair consisting of public and private keys. For example, Rivest-Shamir-Adleman (RSA), Digital Signature Algorithm (DSA) and Elliptic Curve DSA (ECDSA) key pairs are such key pairs. |
Endpoint | A communicating entity. For historical reasons, the term 'computing platform' is used in this document as a (rough) synonym for endpoint. |

Term | Explanation |
---|---|
Computing platform | An entity capable of communicating and computing, for example, a computer. See the definition of 'Endpoint', above. |
HIP base exchange | A cryptographic protocol; see also |
HIP packet | An IP packet that carries a 'Host Identity Protocol' message. |
Host Identity | An abstract concept assigned to a 'computing platform'. See 'Host Identifier', below. |
Host Identifier | A public key used as a name for a Host Identity. |
Host Identity namespace | A name space formed by all possible Host Identifiers. |
Host Identity Protocol | A protocol used to carry and authenticate Host Identifiers and other information. |
Host Identity Hash | The cryptographic hash used in creating the Host Identity Tag from the Host Identifier. |
Host Identity Tag | A 128-bit datum created by taking a cryptographic hash over a Host Identifier plus bits to identify which hash was used. |
Local Scope Identifier | A 32-bit datum denoting a Host Identity. |
Public Host Identifier and Identity | A published or publicly known Host Identifier used as a public name for a Host Identity, and the corresponding Identity. |
Unpublished Host Identifier and Identity | A Host Identifier that is not placed in any public directory, and the corresponding Host Identity. Unpublished Host Identities are typically short lived in nature, being often replaced and possibly used just once. |
Rendezvous Mechanism | A mechanism used to locate mobile hosts based on their HIT. |

Initiators MAY use a different HI for different Responders to provide basic privacy. Whether such private HIs are used repeatedly with the same Responder, and how long these HIs are used, are decided by local policy and depend on the privacy requirements of the Initiator.

Responders that only respond to selected Initiators require an Access Control List (ACL), representing for which hosts they accept HIP base exchanges, and the preferred transport format and local lifetimes. Wildcarding SHOULD be supported for such ACLs, and also for Responders that offer public or anonymous services.
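
As an added illustration (not text or code from the HIP documents), a Responder ACL of the kind described above could be modeled as follows. The entry layout, the use of IPv6-style prefixes as the wildcard notation for 128-bit HITs, the "ESP" transport format label and the sample HITs are all assumptions made for this example.

```python
from dataclasses import dataclass
from ipaddress import IPv6Address, IPv6Network
from typing import Iterable, Optional


@dataclass(frozen=True)
class AclEntry:
    initiators: IPv6Network      # /128 = one Initiator HIT, ::/0 = wildcard (assumed notation)
    accept: bool                 # False = refuse the base exchange
    transport_format: str = ""   # preferred transport format (label is a sample value)
    lifetime_s: int = 0          # local lifetime granted to the association


class ResponderAcl:
    def __init__(self, entries: Iterable[AclEntry]):
        # Most specific pattern first, so an exact entry (including an explicit
        # deny) always overrides a wildcard that also matches.
        self.entries = sorted(entries, key=lambda e: e.initiators.prefixlen,
                              reverse=True)

    def lookup(self, initiator_hit: str) -> Optional[AclEntry]:
        """Return the entry governing this Initiator, or None to refuse."""
        hit = IPv6Address(initiator_hit)
        for entry in self.entries:
            if hit in entry.initiators:
                return entry if entry.accept else None
        return None  # no match: default deny


# Constructed sample HITs, written in IPv6 textual form.
KNOWN = "2001:21:aaaa::1"
BLOCKED = "2001:22:bbbb::2"
STRANGER = "2001:23:cccc::3"

# Responder offering a public service: wildcard entry with a short lifetime,
# a longer lifetime for a known peer, and one explicitly refused Initiator.
public_acl = ResponderAcl([
    AclEntry(IPv6Network("::/0"), True, "ESP", 300),
    AclEntry(IPv6Network(KNOWN + "/128"), True, "ESP", 3600),
    AclEntry(IPv6Network(BLOCKED + "/128"), False),
])

# Responder that only answers selected Initiators: no wildcard entry at all.
closed_acl = ResponderAcl([
    AclEntry(IPv6Network(KNOWN + "/128"), True, "ESP", 3600),
])
```

Ordering by specificity matters: if entries were evaluated in the order listed, the wildcard would match first and the explicit deny would never be reached.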