On 09/10/2013 03:56 AM, Miika Komu wrote:
Hi,
On 09/09/2013 07:50 AM, Henderson, Thomas R wrote:
Last week I published a new version of RFC5201-bis:
http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-13
This was mainly to address ID-nits and prepare the draft for the next
stage of the review process. However, I also received a number of
comments from Anders Brandt (cc'ed) on the version-12 draft. The
purely editorial ones were included in version-13, but I decided to
post a few for review on the list.
In the interest of expediency, I'd like to suggest that we aim for
resolving all of these within the next two weeks.
1) Section 4.1, the statement is made:
"As a result, it is believed that the HIP opportunistic mode is at
least as secure as current IP."
Anders questioned what this statement means. Further clarifications
are needed here.
I would just suggest combining this sentence with the previous
paragraph. Alternatively, this could perhaps be rephrased as:
As a result, opportunistic mode in HIP offers a "better than nothing"
security model. Initially, a base exchange authenticated in the
opportunistic mode involves a leap of faith subject to man-in-the-middle
attacks, but subsequent datagrams related to the same HIP association
cannot be compromised by a new man-in-the-middle attack. Thus, it can
be stated that opportunistic mode in HIP is at least as secure as
unprotected IP-based communications.
+10000 :)
I really like this way of putting it. The MITM has one chance only and
then must ALWAYS be in the middle. So maybe something else is needed
that if the MITM "steps away", the attack is exposed after the fact?
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
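The property debated above (the man-in-the-middle gets exactly one chance, at the base exchange, and if it later "steps away" the mismatch is exposed after the fact) as an added simulation; this is not code from the thread or from any HIP implementation, and the toy Diffie-Hellman group, the HMAC-based protection of later datagrams and the host objects are simplifying assumptions standing in for HIP's real base exchange and ESP protection.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters for this simulation only (not a real HIP group).
P = 2**127 - 1
G = 5


class HipHost:
    """One HIP endpoint holding the key derived in its base exchange."""
    def __init__(self):
        self.priv = secrets.randbelow(P - 2) + 2
        self.pub = pow(G, self.priv, P)
        self.assoc_key = None

    def base_exchange(self, peer_pub):
        # Opportunistic mode: the peer's public value is accepted as-is (leap of faith).
        shared = pow(peer_pub, self.priv, P)
        self.assoc_key = hashlib.sha256(shared.to_bytes(16, "big")).digest()

    def protect(self, payload):
        # Later datagrams carry an integrity tag keyed by the association key.
        return payload, hmac.new(self.assoc_key, payload, "sha256").digest()

    def verify(self, payload, tag):
        expected = hmac.new(self.assoc_key, payload, "sha256").digest()
        return hmac.compare_digest(expected, tag)


def honest_association():
    """No interference at the base exchange; returns (genuine_ok, forged_ok)."""
    init, resp = HipHost(), HipHost()
    init.base_exchange(resp.pub)
    resp.base_exchange(init.pub)
    payload, tag = init.protect(b"hello over the HIP association")
    # A newcomer has no association key, so a forged datagram is rejected.
    forged_tag = hmac.new(b"attacker guess", b"evil", "sha256").digest()
    return resp.verify(payload, tag), resp.verify(b"evil", forged_tag)


def mitm_association(mitm_stays):
    """Attacker substitutes its own values in the base exchange (its one chance);
    returns whether the responder accepts the initiator's next datagram."""
    init, resp, to_init, to_resp = HipHost(), HipHost(), HipHost(), HipHost()
    init.base_exchange(to_init.pub); to_init.base_exchange(init.pub)
    resp.base_exchange(to_resp.pub); to_resp.base_exchange(resp.pub)
    payload, tag = init.protect(b"hello over the HIP association")
    if mitm_stays and to_init.verify(payload, tag):
        payload, tag = to_resp.protect(payload)  # re-protected toward resp
    # With the attacker gone the keys no longer match: the substitution is exposed.
    return resp.verify(payload, tag)
```

Running the three cases shows an untouched association rejecting later forgeries, a persistent interposer staying invisible, and an interposer that leaves causing the responder to reject the initiator's traffic.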