[rrg] ILNP Identifiers
Xu Xiaohu
xuxh at huawei.com
Thu Dec 11 18:53:51 PST 2008
> (For example, one hopes that a HIP ID is computationally
> infeasible to forge without compromising the originating key,
> but every deployed cryptographic system I know of does
> eventually suffer key compromise, at which point that HIP ID
> would not be globally unique either.)
Even the cryptographically generated ID suffers ID theft/forgery, then what
about the ordinay ID without such security mechanism?
> > If so, would you please explain the reason?
>
> Any proposal has to handle the case where some bad party is
> deliberately mis-using an Identifier (or Address) that is not
> really theirs. This case is not new to Routing RG, instead
> this is exactly like the situation in today's deployed IP
> Internet with forged Source IP Addresses. [US CERT: CA 1995-01]
Yes. However, the id/locator split will make the situation worse if no
special security mechanism is taken.
Best regards,
Xiaohu
More information about the rrg
mailing list