[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: >IPSEC Charter - New Dra

To: Steve Kent <kent@BBN.COM>
Subject: Re: >IPSEC Charter - New Dra
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Mon, 07 Feb 1994 11:39:43 -0500
Cc: pmetzger@lehman.com, ipsec@ans.net
In-Reply-To: Your message of "Mon, 07 Feb 1994 10:12:30 EST." <199402071517.KAA17385@lehman.com>
Reply-To: pmetzger@lehman.com


Steve Kent says:
> 	One could do nothing more than make use of the services
> offered by a security protocol for end-to-end protection at layer 3,
> but this would ignore many of the potential security problems that
> arise in some mobile IP scenarios.  For example, unless a host can
> authenticate its right to use an invariant IP address (not one
> assigned by the network currently providing the access service), then
> there are obvious denial of service vulnerabilities.

Sure, but why couldn't you simply use the IP security protocol to
speak to the mobile's current cell router (I've forgotten the proper
name) to verify your right to use the address? I don't understand why
we would need a seperate protocol.

> There is also an option to tie such authenticated assertions into a
> billing scheme.

Sure, but again, I see no legitimate reason that one would need a new
security protocol to deal with this.

Perry

Follow-Ups:

Re: >IPSEC Charter - New Dra

From: Steve Kent <kent@BBN.COM>

Prev by Date: Re: IPsec near term work
Next by Date: Re: >IPSEC Charter - New Dra
Prev by thread: Re: >IPSEC Charter - New Dra
Next by thread: Re: >IPSEC Charter - New Dra
Index(es):
- Main
- Thread