[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lisp-interest] Securing the mapping response

To: Roque Gagliano <rgaglian@fing.edu.uy>
Subject: Re: [lisp-interest] Securing the mapping response
From: Scott Brim <swb@employees.org>
Date: Wed, 30 Jul 2008 13:28:50 +0100
Authentication-results: rtp-dkim-2; header.From=swb@employees.org; dkim=neutral
Cc: lisp-interest@lists.civil-tongue.net
In-reply-to: <E90EB8D4-E23E-4699-9FF2-70C9BCDEA77A@fing.edu.uy>
References: <E90EB8D4-E23E-4699-9FF2-70C9BCDEA77A@fing.edu.uy>
Sender: owner-list-interest@lists.civil-tongue.net
User-agent: Thunderbird 2.0.0.14 (Macintosh/20080421)

On 7/30/08 11:33 AM, Roque Gagliano allegedly wrote:

Hi,
Today the issue was rising about how to certify the "right of use" of anEID when I get a map-response.
Today SIDR is developing what is called a ROA that matches IP prefixesto ASN with right of use. Can't we use the certificates and sing (stillusing CMS wrapping) instead of the ASN the RLOC or the list of RLOC. Doyou believe this could be useful?

Yes we could if we need it. I'm not sure how useful it would be. ETRsare already authenticated when they join the ALT and attractMap-Requests to themselves, and they use a nonce in the Map-Reply. Isthat enough?

Follow-Ups:
- Re: [lisp-interest] Securing the mapping response
  - From: Roque Gagliano <rgaglian@fing.edu.uy>

References:
- [lisp-interest] Securing the mapping response
  - From: Roque Gagliano <rgaglian@fing.edu.uy>

Prev by Date: Re: [lisp-interest] LISP-ALT and security
Next by Date: Re: [lisp-interest] LISP-ALT and security
Previous by thread: [lisp-interest] Securing the mapping response
Next by thread: Re: [lisp-interest] Securing the mapping response
Index(es):
- Date
- Thread