Re: [Hipsec] next steps/issues in interopability testing

From: Michael Richardson <mcr(at)sandelman.ottawa.on.ca>
Date: Wed Mar 26 2003 - 03:34:16 EST

-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Tim" == Tim Shepard <shep@alum.mit.edu> writes:

    >> From our Friday morning unofficial BOF, a few issues that will need     Tim> attention from all implementors:

    Tim> New cookie mechanism needs to be settled and implemented.

    Tim> New HIT masking for IPv6 APIs needs to be documented and implemented.
    Tim> (HITs will be 127 bits of hash, but when passed accross APIs that want
    Tim> an IPv6 address, only the bottom 112 bits of hash will be passed, and
    Tim> the top bits will be a 16-bit constant assigned from the IPv6 address
    Tim> space by IANA.   Inside the HIP implementation, there will need to be
    Tim> a copy of the full HIT kept and a mechanism to find the full hit from
    Tim> just the bottom 112 bits.)

  I don't understand why you have to map back to the 127 bit hash.   Why just use a 112 bit hash?

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] 
mcr(at)sandelman.ottawa.on.ca 
http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPoFmBoqHRg3pndX9AQE3OwP/dtXD3IW/ckiJrWEPsyp/tkAj0MTnEZiS TWpPaB8ILSFW3rlspDkwM1LYBXN4ez12e9/d6xNyg/sfTFAohdPJkyizZIlP6e4N BRUFnQdDuhCu1HFUbP0JWAvUyfHt+dZzfYxiSgDLCMcO/mFfkeRjJ6OrtGdh6LMM j4tVZPkydJ4=
=W/eV
-----END PGP SIGNATURE-----

---

Hipsec mailing list
Hipsec@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/hipsec Received on Wed Mar 26 12:17:50 2003