[Cross-posted to HIP WG and IPv6 WG; replies _only_ to INT area please.]
I'd like to direct people's attention to draft-laganier-ipv6-khi-00.txt at
http://www.ietf.org/internet-drafts/draft-laganier-ipv6-khi-00.txt
Here is the abstract:
This document introduces Keyed Hash Identifiers (KHI) as a new,
experimental class of IPv6-address-lookalike identifiers. They are
constructed to be statistically globally unique. They are intended
to be used as identifiers only, and not as locators. They should not
appear in actual IPv6 headers. Consequently, they are considered as
non-routable addresses from the IPv6 point of view.
These identifiers are expected to be used at the existing IPv6 API
and application protocols between consenting hosts. They may be
defined and used in different contexts, suitable for different
protocols. Examples of these include Host Identity Tags (HIT) in the
Host Identity Protocol (HIP) and Temporary Mobile Identifiers (TMI)
for Mobile IPv6 Privacy Extension.
This document requests IANA to allocate a temporary prefix out of the
IPv6 addressing space for Keyed Hash Identifiers.
The basic question is whether we should go forward with it, and if
so, where?
Could we last call it at the Internet Area, as the IPv6 chairs
indicate that they consider it a larger issue and not just IPv6
specific?
I would also like to get people's opinion on whether SHA-1 is OK for the
document, as currently the proposed experiment is to end by 2009.
According to the discussion at the security directorate yesterday, SHA-1
is expected to be at the end of life by 2010. Consequently, for most
security protocols there will be two transitions in the foreseeable
future, first to SHA-256, and then to something that NIST may be
getting to within the next five years or so. Hence, are we happy
with going with (patched) SHA-1 with the expectation that the
experiment will end by 2009, and will also become insecure around the
same time, or should we adopt SHA-256 from the beginning?
See also the previous discussion at the IPv6 WG, starting at
http://www1.ietf.org/mail-archive/web/ipv6/current/msg05627.html
--Pekka Nikander
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------