Re: [DNA] Confirming today's face-to-face meeting decisions



Sathya Narayanan wrote:

> Yes. The advantage in using a 'Link Identifier' with a scope
> applicable to all the nodes in the network is that the host will be
> able to determine whether it is on the same link or not from
> receiving a single (RA) message. On the other hand, when such
> identifier is not available, the host can ask the question 'does this
> landmark still exist' every time it has (good) reason to believe it
> may have changed link.
> 
> Can we refer to the first scheme as 'link scoped identifier' and
> second as 'host scoped identifier' scheme? ;-)
> 
> The question to ask is, whether the cost of establishing the unique
> link identifier among all the nodes (routers) in the link is worth it to
> avoid an extra 'does this landmark still exist' question and answer?

Indeed.

But I think that we shouldn't constrain our thinking about the latter to 
the case when only one router can answer the question about the 
landmark; one could have the routers share this so that any of them can 
answer the question.

> Link scoped identifier scheme requires completely securing the link
> so that nobody can spoof an RA message or confuse the link identifier,
> while we (I am not sure about this) may not need complete security as
> long as a secure association between the host and the current AR is
> good in the host scoped identifier approach.

Why would the RAs that carry linkids need to be secured any more than 
RAs that carry prefixes and default router information? I don't understand.

It might be that the Rtr-to-Rtr messages have different concerns than 
the RAs and other ND messages, but I haven't seen any semblance of a 
threat analysis that makes even this case. But that's separate from the 
RAs advertising linkids to hosts.

    Erik