[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

end-to-end security and proxy rsvp



hi

from the previous mails i read that some of you would like to see end-to-end
security in a qos signaling protocol. i don't know how many of you have read
the draft about proxy rsvp where a node along the path simply acts on behalf
of an end-node. if using end-to-end security within rsvp then the proxy rsvp
case is quite difficult in the sense that the other end-host (although
possibly not rsvp capable) has to transmit credentials to (an possibly
unknown) rsvp proxy to let him act on his behalf.

what do you think? is there a security problem with the proxy rsvp approach?

see draft: draft-ietf-rsvp-proxy-03.txt
(there might also be similar issues related to the draft localized rsvp
draft-manner-lrsvp-00.txt which also uses proxy ideas).

ciao
hannes