Automotive analogy because right now I have been dragged back to my
automotive history to work on the "Connected Car" security...
I am working on multiple HIP projects. Real vendors with real products
for real customers. In some cases things are separate, but in some
there will be function overlap. I am working on HIP at multiple layers:
MAC layer:
802.15.9 directly passing the HIP datagrams and keying the 802.15.4
security association.
EAP-HIP for running over 802.1X and PANA. Yoshi has said he is willing
in writing the draft.
Networking layer:
Besides 5202-bis BEET mode for EAP, there are more calls for Tunnel mode.
Transport layer:
Alternative keying for things like DTLS-PSK or SRTP.
Messaging/Session layer:
Besides my work on SSE (Session Layer Security) there are a couple other
messaging environments that may create their own security framework, but
I am pushing SSE where I can.
Authentication only:
HIP for authentication within someother framework. This is still rather
vague and may end up elsewhere above.
Anyway, HIP becomes an independed Key Management Protocol, needing a
well defined API (we did something like this at one point?) where there
can be many HIs for the different uses.
Though I can't give information on individual projects, "No Wine Before
its Time", there are some real projects in coding now and more at
various levels of discussion.
For those of you that have HIP web pages that are two years out of date,
PLEASE get them current. It is embarrassing to be on a call with a
consortium (last friday) to have one person saying, "I just checked out
the site for the X code base and it has not been updated for two
years." Please fix this.
Anyone with a bit of time ( :) ) over the next week to help me flesh out
HIP as a security service and review the API RFC, please contact me. I
still can't spill too many beans, but more will be leaking out in the
coming months....
And I really hope we can get RFCs published by July. Meanwhile I also
have to finish up HIP DEX. Remaining stuff, I think, is only
explanatory. I believe Rene set me straight and we got it pretty much
nailed down in the latest draft. Though there is the question if
SLIMFIT should go into the DEX draft or be a separate document. SLIMFIT
with a bit more tweaking will fit into SMS packets without need of the
SMS header...
Thank you for your time and efforts.
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
