> thinking about Alberto's request, and reading the document, I wondered if the
> security could be improved by sending the first notify back via the ETR, and
> coupling it to LISP-SEC to protect the information and provide needed keys
> for further messages? It seems like we do need a way to protect the
> notifications, and requiring associations from every ITR to every MS who may
> provide notifications seems impossible.
You can't use LISP-SEC because the transactional nature of it starts with an ITR and a one-time-key, which is used to sign Map-Replies returning to it. For Map-Notify messages sent from the Map-Server via the ETR, there would be no ITR one-time-key. And if the Map-Server used its own one-time-key, the ITR couldn't derive it. Note that with LISP-SEC the Map-Server one-time-key is derived from the ITR's one-time-key in the Map-Request.

Dino

lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
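The key chain Dino describes, as an added simplified model (not code from the thread or from any LISP implementation): the ITR mints a one-time-key per Map-Request, the Map-Resolver derives the MS-OTK from it, and the ITR can only verify a message tied to a transaction it started. HMAC-SHA256 stands in for the KDF and HMAC algorithms RFC 9303 negotiates, and the message contents, the `ITR` class and the nonce bookkeeping are constructed for illustration, not the wire format.

```python
import hmac
import hashlib
import os

# Assumption: HMAC-SHA256 stands in for the RFC 9303 KDF/HMAC IDs; field
# layout below is constructed, not the real LISP-SEC encoding.

def derive_ms_otk(itr_otk: bytes) -> bytes:
    """Map-Resolver side: the MS-OTK is derived from the ITR-OTK in the Map-Request."""
    return hmac.new(itr_otk, b"MS-OTK", hashlib.sha256).digest()

def auth_tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

class ITR:
    def __init__(self):
        self.pending = {}  # nonce -> ITR-OTK for Map-Requests still awaiting a reply

    def send_map_request(self, eid: bytes) -> tuple:
        nonce, otk = os.urandom(8), os.urandom(32)
        self.pending[nonce] = otk  # in the real protocol the OTK travels encrypted to the MR
        return nonce, otk

    def verify(self, nonce: bytes, msg: bytes, etr_tag: bytes, ms_tag: bytes) -> bool:
        """Only a transaction this ITR started gives it a key to check against."""
        itr_otk = self.pending.get(nonce)
        if itr_otk is None:
            return False
        ms_otk = derive_ms_otk(itr_otk)  # ITR re-derives what the MR handed to the MS
        return (hmac.compare_digest(auth_tag(itr_otk, msg), etr_tag)
                and hmac.compare_digest(auth_tag(ms_otk, msg), ms_tag))

def solicited_map_reply() -> bool:
    """Normal LISP-SEC flow: ITR -> MR -> MS -> ETR -> ITR, both tags verifiable."""
    itr = ITR()
    nonce, itr_otk = itr.send_map_request(b"10.0.0.0/24")
    ms_otk = derive_ms_otk(itr_otk)                     # MR derives and forwards to MS
    reply = nonce + b"10.0.0.0/24 -> RLOC 192.0.2.1"  # constructed mapping
    ms_tag = auth_tag(ms_otk, reply)                    # MS authenticates the mapping
    etr_tag = auth_tag(itr_otk, reply)                  # ETR authenticates the Map-Reply
    return itr.verify(nonce, reply, etr_tag, ms_tag)

def unsolicited_map_notify() -> bool:
    """No Map-Request preceded this, so no ITR-OTK exists anywhere in the chain."""
    itr = ITR()
    ms_own_otk = os.urandom(32)  # the MS can pick a key, but the ITR cannot derive it
    nonce = os.urandom(8)
    notify = nonce + b"mapping changed"  # constructed Map-Notify payload
    tag = auth_tag(ms_own_otk, notify)
    return itr.verify(nonce, notify, tag, tag)  # False: nothing to derive from
```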