Hi all,

I read the latest HIP architecture draft (4423bis-05) and it looks
very good. Below you will find some observations that I made
when reading the draft.

Best regards,
- Sasu

------

- Architecture and implementation details are partly
intertwined here. Perhaps the generic model can
be summarised first and then the implementation-specific
details. Theory of HI is mentioned in the
beginning, but I think it is not clear to all readers what
is meant by this.

- It is stated that the model is general and it does not require 
public key crypto; however, this is not really elaborated. Also
it is stated that the model can be applied at any
layer, but this is not explained. The description assumes
that Host Identity decouples internetworking and
transport layers.

- The draft does not discuss architecture and protocol
deployment issues. This is one practical requirement given
the momentum of the current solutions.

- The description of the HIP protocol is quite light in this
draft. The introductory part to section 5 could briefly state the
key components of HIP including BEX, mobility/multihoming support,
and rendezvous that are covered by the following subsections.

- In section 5, it is stated that:
"Similarly, if it is possible to distribute the processing of a single
   Host Identity over several physical computers, HIP provides for
   cluster based services without any changes at the client end-point."

I think the base specification and implementation do not directly
support this, but additional management extensions are needed.

- The computational puzzle does not appear to be mentioned.

- Extensions (new hash functions) are not elaborated. This is
related to a general requirement that a protocol should be evolvable. 

- p. 17 section 10 needs a reference

- p. 21 the downgrade attack should be elaborated.

- Typo: p. 5 Identfier

_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
