[Gen-art] Re: [Mip6] Gen-ART Review of draft-ietf-mip6-cn-ipsec-05

2007-09-11 Thread Christian Vogt
Francis,

the purpose of Mobile IPv6 is to redirect packets for a home address to a
care-of address.  To authorize such redirection, one needs to ensure that the
node requesting it is the home address owner.  This is why it is necessary to
have a strong binding between an IPsec SA and the home address.

> an attacker can not do significantly more damage with a fake home address
> than with just a fake address.

With IPsec alone, an attacker wouldn't be reachable if it used a fake IP
address.  This is different when you add Mobile IPv6 because the attacker may
then be reachable at the care-of address even if the home address is fake.

- Christian



___
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art


[Gen-art] Re: [Mip6] Gen-ART Review of draft-ietf-mip6-cn-ipsec-05

2007-09-11 Thread Francis Dupont
 In your previous mail you wrote:
   
   > => in fact the home address impersonation attack exists only in the mobile
   > node - home agent case, not in the mobile node - correspondent case. If a
   > node can use the address of another node to communicate with the
   > correspondent, establish some security association, etc, this is an IPsec
   > issue if the address gives some specific authorizations.
   
   I do agree with you that the issue is with IPsec IF THE IP ADDRESS
   IS USED FOR AUTHORIZATION.  Therefore, in the non-mobile case, IP
   address ownership may or may not be important.
   
   However, the specialty of the mobility case is that the IP (home) address is
   ALWAYS used for authorization.

=> I disagree, the authorization is given to the node.

   The whole purpose of using IPsec is IP (home) address ownership
   verification. 

=> no, the whole purpose of using IPsec is to verify the node doing the
signaling is the node owning the traffic.

   This is what is important and should be more carefully attended to
   in your draft.
   
=> what is really lacking is the goal of the draft: this is not to
provide an absolute security, but to keep in the mobility + IPsec
context at least the same security as in IPsec alone.
 The address ownership issue can be a real one but it is an IPsec issue:
an attacker can not do significantly more damage with a fake home address
than with just a fake address.
 BTW I am not against a SHOULD for the protection of statically assigned
home address. My problem is this is not a real mobility issue so it is
not formally in the scope of the draft. I propose to put it in the PAD
and SPD examples asked by Sam Hartman.

Regards
