
Re: Merge NAT-PT approaches?
Hi Iljitsch,

On 28/12/2007, at 14:03, Iljitsch van Beijnum wrote:

On 21 dec 2007, at 4:47, Brian E Carpenter wrote:

I'm sympathetic to the idea. Bringing in the shim action
only when it's actually needed sounds good in principle.
The devil is in the details, of course, but we can
investigate that off-list if people would like us
to follow this up.

One thing before we jump into specifics:

I don't think reusing parts from shim6 makes a lot of sense for authentication. There are already several datagram based authentication mechanisms, and they can get quite complex. If a host needs to authenticate towards a NAT-PT translator, it would be much simpler to set up a TLS-protected TCP session and then do simple user/password authentication. Then, the translator can trust all packets coming from the source address in question, or it can provide the host with a session key that can then be used in further shim signaling.
I think this depends on the application scenario that the mechanism is designed to work in. Having TLS + user/password may be OK for some scenarios, but you need to provision the TLS certs and the user and password, which may be OK for some application cases and not so OK for others. So I would suggest we first figure out which application scenario the mechanism is supposed to work in, then figure out the threats, and then try to work on security tools for that.

In some cases, it is an important advantage, and it is enough, to have security techniques that do not require pre-shared secrets and do not require infrastructure for their deployment. If this is possible, I would assume that this is preferred, since it would provide the required security without imposing the cost of deploying the infrastructure and the key provisioning.

(FWIW, IMHO it would be possible to find such security approaches for SHANTI, but again, we are far from understanding the details of this.)

Regards, marcelo
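As an added illustration (not code from this thread, nor from any shim6 or NAT-PT implementation), the following Python sketch models the second option Iljitsch describes: after the host has authenticated over a TLS-protected session (that login step is assumed to have happened and is not modeled here), the translator hands the host a session key, and every later shim signaling message carries an HMAC under that key together with a sequence number. The message framing, the names Translator, build_signal, verify_signal and demo, and the sample locator-update payloads are all constructed for this example.

```python
"""Session-key authentication of shim signaling after an out-of-band login.
Constructed example; message format and names are this example's own."""
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32                  # HMAC-SHA256 output length
SID_LEN = 8                   # session identifier length (our choice)
HDR = struct.Struct("!8sI")   # session id + 32-bit sequence number


class Translator:
    """Translator side: issues session keys and checks tagged signaling."""

    def __init__(self):
        self._sessions = {}   # session id -> {"key": bytes, "last_seq": int}

    def issue_session_key(self):
        """Called only once the host has authenticated over the TLS/password
        channel (assumed; that exchange is not modeled here)."""
        sid = secrets.token_bytes(SID_LEN)
        key = secrets.token_bytes(32)
        self._sessions[sid] = {"key": key, "last_seq": 0}
        return sid, key

    def verify_signal(self, msg):
        """Return the payload if msg carries a valid, fresh tag; else None."""
        if len(msg) < HDR.size + TAG_LEN:
            return None
        sid, seq = HDR.unpack_from(msg)
        sess = self._sessions.get(sid)
        if sess is None:                       # no such session: untrusted
            return None
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(sess["key"], body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # forged or tampered
            return None
        if seq <= sess["last_seq"]:            # replayed or stale message
            return None
        sess["last_seq"] = seq
        return body[HDR.size:]


def build_signal(sid, key, seq, payload):
    """Host side: frame a signaling message and tag it with the session key."""
    body = HDR.pack(sid, seq) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


def demo():
    """Run one exchange; returns the outcome of each check for inspection."""
    tr = Translator()
    sid, key = tr.issue_session_key()
    results = {}
    # constructed sample payloads; the wire format is not shim6's
    m1 = build_signal(sid, key, 1, b"LOCATOR-UPDATE 2001:db8::1")
    results["first"] = tr.verify_signal(m1)            # accepted
    results["replay"] = tr.verify_signal(m1)           # same seq: rejected
    tampered = bytearray(m1)
    tampered[HDR.size] ^= 0x01                         # flip a payload byte
    results["tampered"] = tr.verify_signal(bytes(tampered))
    m2 = build_signal(sid, key, 2, b"LOCATOR-UPDATE 2001:db8::2")
    results["second"] = tr.verify_signal(m2)           # accepted
    bogus = build_signal(b"\x00" * SID_LEN, key, 3, b"x")
    results["unknown"] = tr.verify_signal(bogus)       # unknown session
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The point of the sketch is the contrast the thread draws: with a session key, each signaling message is bound to the authenticated session itself, so tampering, replay and messages from an unknown session are rejected in verify_signal regardless of which source address they arrive from, whereas "trust all packets from that source address" pushes the whole decision onto the address.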