[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security requirement for multi6
If it weren't we could just use MIPv6 and end of the story
At Vienna, I gave three reasons on why MIPv6 is hopeless
and can not be used for M6.
Sorry i remeber the following ones:
1) timing in mip is not compatible with multi-homing
No, it is not. It, instead, is a reason on why MIPv6 mechanism can
not be used for M6. But, let's continue.
My answer to this is that the idea is not to use mip as is, but use the
packet format and the CN route optimization capabilities. So mip timing is
not really being used, so i think this should not be an issue.
With MIPv6, CN is expected to use a new locator. With M6, a host is free
to choose any locator, which, in most cases, the host has from the
the next one would be security as you mention, right?
Difference of security model requirement makes security mechanism
Well if you don't care about tmeporary MITM attacks, mip provides all the
security that you need, so i don't see a problem here
I don't care about MITM between CN and HA. MITM between CN and MN,
local environment of which is foreign, is a different matter.
Well as i mention above, not only packet format but CN route optimization
capabilities, which IMHO is the main benefit of using mip, (i.e. you don't
need to deploy new mechanisms in external hosts)
No new mechanism even if timing and security are completely different?
I agree that PMTU is an issue
That is a reason on why MIPv6 is hopeless, though it has less
relevence to this WG. Other reasons are DAD and unnecessary