[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: a proposal of address management for IKEv2



Francis Dupont writes:
> => for privacy issues, a standard secret peer address is better than
> a hash because it obviously never lacks knowledge.

If the this stays static it will leak out information (i.e make the
tracking of user easy). Also you assume that the client will know if
there is NAT beteen (i.e use secret peer address only when there is
NAT, and otherwise use normal address). If there is no NAT then client
must use his own address otherwise we enable NAT-T every time. 

> PS: the main question is about the implicit IPsec SA update mechanism
> that I rejected and you seem to like to keep. What is the opinion of
> the IPsec WG people?

I think that implicit mechanism is very important and usefull for
NAT-T case, and SHOULD or MUST NOT be used in the mobile-ip or
multihoming case (where we can get proper security by explicit
update). 
-- 
kivinen@ssh.fi
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/