Re: [Mipshop] AW: [Mobopts] Presentation slides for "CXTP using GIST"

From: Xiaoming Fu <fu(at)cs.uni-goettingen.de>
Date: Mon Nov 21 2005 - 16:39:55 EST

Hi Hannes, Hui,

Thanks for your insights. My additional comments inline:

Tschofenig, Hannes wrote:

> hi hui
> 
> there are two issues to discuss:
> 
> a) which security mechanisms you use for protection of the context
> transfer between the old ar and the new ar.
> 
> b) which context you transfer between these devices.
> 

In the present draft we are mostly concentrating on the transport mechanism for transfering contexts related to the end-to-end communication for a mobile node. Which exact context (ie., object format) is still yet to be discussed in a future work.

If you mean the case where last hop communication (between the access router and mobile node) for a MN-CN flow is using IPsec, some parameters such as ESP encryption algorithm and keys would be possible to be transferred between access routers. As described in the drafts mentioned by Hannes, handling of real time parameters in the SA would be also possible.

I guess you are not talking about issue a). For a) actually we could utilize the secure mode of GIST (e.g., TLS over TCP/SCTP or IPsec) to transfer the desired context, where a secure message association could be used in the "half-permanent" fashion, without the need to exchange those security parameters on demand either per-MN movement or per-flow.

Cheers,
Xiaoming

> i could not remember xiaoming and john proposing to transfer ipsec
> sas as part of (b). if you would like to transfer ipsec sas then the
> past investigations in, for example,
>  or
>  might be worth taking a
> look.
> 
> ciao hannes
> 
> 

>> -----Ursprüngliche Nachricht----- Von: mobopts-bounces@irtf.org

> 
> PusingGIST_IETF64.ppt
> 

>> Please drop me/us a message if you think it may be useful, or any

---

Mobopts mailing list
Mobopts@irtf.org
https://www1.ietf.org/mailman/listinfo/mobopts Received on Mon Nov 21 16:43:17 2005