RE: [lisp-interest] LISP-ALT and security
> From: "Darrel Lewis (darlewis)" <darlewis@cisco.com>
> EID space should be allocated by an organization independent from the
> provider, if we want (and I think we do) the space to be used
> independently from the provider.
If we have a hierarchical mapping system (i.e. responsibility for answering
queries about parts of the namespace is delegated in a hierarchical fashion),
that hierarchy does not *have* to match the allocation hierarchy (i.e. the
hierarchy of entities which can allocate parts of the namespace).
However, it cannot be entirely unrelated to the allocation hierarchy; mapping
node M can't be responsible for answering queries about namespace segment S
unless the entity A which is authorized to allocate S has in fact allocated
it to M (or to some entity which further authorizes M to handle mappings for
S).
>> I think we can expect this to add latency to flow establishment. I'd
>> hate to see a delegation-security mechanism add yet more latency.
> I think we should let the ITR decide how much security (and therefore
> potential latency) they would like.
Well, it's both ends, really - the provider of the mapping, and also the
consumer. The consumer can't make a choice unless the provider is prepared to
give it the data it needs to do so, right?
Again, though, as Scott Brim mentioned, it's possible to design
authentication systems that add no latency at all (once one realizes that if
the entity M providing the binding is not the entity which actually signs the
binding). So this is something of a non-issue.
Noel
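An added illustration (not code from this thread or from any LISP-ALT implementation) of the constraint argued above: a consumer accepts mapping node M as authoritative for segment S only if a chain of signed delegations, rooted at the trusted allocator A and possibly passing through an intermediary, hands S (or a segment containing it) to M. It assumes segments are address prefixes and that each entity holds an Ed25519 key; the names A, R and M and the 2001:db8::/32 prefixes are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"net/netip"
)

// Delegation: a statement, signed by the delegating entity, that Child may
// handle mappings for Segment.
type Delegation struct {
	Segment netip.Prefix
	Child   ed25519.PublicKey
	Sig     []byte // signature by the delegating entity over Segment||Child
}

func delegationMsg(seg netip.Prefix, child ed25519.PublicKey) []byte {
	return append([]byte(seg.String()+"|"), child...)
}

func Delegate(signer ed25519.PrivateKey, seg netip.Prefix, child ed25519.PublicKey) Delegation {
	return Delegation{seg, child, ed25519.Sign(signer, delegationMsg(seg, child))}
}

// VerifyChain: is node m authorized for segment s by delegations rooted at allocator a?
// Each hop must be signed by the previous holder and must stay inside the previous segment.
func VerifyChain(a ed25519.PublicKey, chain []Delegation, s netip.Prefix, m ed25519.PublicKey) bool {
	if len(chain) == 0 {
		return false
	}
	signer, cur := a, chain[0].Segment
	for _, d := range chain {
		if !ed25519.Verify(signer, delegationMsg(d.Segment, d.Child), d.Sig) {
			return false
		}
		if !cur.Contains(d.Segment.Addr()) || d.Segment.Bits() < cur.Bits() {
			return false // a hop may narrow its segment but never widen it
		}
		signer, cur = d.Child, d.Segment
	}
	return cur.Contains(s.Addr()) && s.Bits() >= cur.Bits() && m.Equal(signer)
}

// Constructed scenario: A delegates 2001:db8::/32 to intermediary R, R delegates a /48 to M.
func Example() (ok, widened bool) {
	aPub, aPriv, _ := ed25519.GenerateKey(rand.Reader)
	rPub, rPriv, _ := ed25519.GenerateKey(rand.Reader)
	mPub, _, _ := ed25519.GenerateKey(rand.Reader)
	chain := []Delegation{
		Delegate(aPriv, netip.MustParsePrefix("2001:db8::/32"), rPub),
		Delegate(rPriv, netip.MustParsePrefix("2001:db8:1::/48"), mPub),
	}
	ok = VerifyChain(aPub, chain, netip.MustParsePrefix("2001:db8:1:2::/64"), mPub)
	// R handing M a segment outside what A gave R must be rejected.
	bad := []Delegation{chain[0], Delegate(rPriv, netip.MustParsePrefix("2001:db9::/48"), mPub)}
	widened = VerifyChain(aPub, bad, netip.MustParsePrefix("2001:db9:1::/64"), mPub)
	return
}

func main() { fmt.Println(Example()) } // prints "true false"
```

Because the delegations are signed ahead of time, the consumer verifies the chain locally from data the provider already returns, which is the sense in which such a check need not add a round trip to flow establishment.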