On 2007-11-26 10:11, Eric Rescorla wrote:
At Mon, 26 Nov 2007 09:48:39 +1300,
Brian E Carpenter wrote:
On 2007-11-26 04:38, Eric Rescorla wrote:
...
Yes, I understand that, but again, your argument precedes from the
premise that people won't want to deploy CGA. Given that substantial
effort was invested in that, I think it's reasonable to take
a step back and ask why some new approach will be more attractive,
not just assume that it will be because it points in some different
direction.
I think the scenarios are very different. To pay the costs of deploying
CGAs, you have to be worried about threats from interlopers on your
own infrastructure, as I understand things. HBAs deal with threats from
interlopers anywhere between the two ends of the shim6 session.
They're much easier to deploy since they use a nonce instead of
a key pair.
Hmm... I'm fairly familiar with crypto protocols and I don't see why
this makes them any easier to deploy. CAn you please explain?
Well, if I understand HBA correctly, the nonce is automatically
generated. I must confess I haven't studied CGA closely, but I
presume that some affirmative action is needed to generate the keys.
Brian
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf