OPEN ISSUE: Standards Track

Charles E. Perkins charliep at IPRG.nokia.com
Thu May 22 11:59:21 CEST 2003 

Hello Randy,

Randy Bush wrote:

> i think there are at least two major factors in increased delay,
> and you pointed out one, security.

Someone reading your note might get the incorrect notion
that we didn't pay attention to Mobile IPv6 security.
That would be very much wrong.  To put it as briefly as
possible, the ADs demanded a key distribution mechanism
_in addition_ to the basic authentication scheme.  This is
in marked contrast to the situation with AH and ESP,  But
_nobody_ claims that AH and ESP were insecure because they
were standardized without key distribution.  I get steamed
when people perpetuate this serious misperception about
"the security problem".

I do NOT claim that insecure standards should be promulgated.
I _do_ claim that as we get more experience with protocols,
we can provide more ways to enable key distribution for
authorizing the use of those protocols.

<... discussion deleted about how nice it used to be ...>

> but one we seem to miss is that the total protocol space is now
> much larger than we were kids.  and the interactions have gone up
> super-linearly with the number of features.  this has serious
> impact in the intra-area and cross-wg and cross-area analysis and
> operational evaluation of a proposal for a new protocol or feature.
> and this only gets worse in time, and not linearly.  i think that
> mip, being so basic, also hits this one seriously.

This was not the reason for delay of Mobile IPv6.   Besides the
demand for a key distribution mechanism (a bad reason for delay,
in my opinion), we did not exhibit any serious interaction problems
with other protocols.  There are some serious considerations
here, but discussion of them does not fit on this list.  It has to
do with how use of existing protocol specifications (you would think
this is a good thing) leads into some of the worst problems I can
remember.  Bottom line: at this point in time, I am convinced
that trying to use IPsec was my own worst mistake in the initial
designs of Mobile IPv6, and recent decisions have made the use
of RFC 2461 to be very, very questionable indeed.  Using someone
else's specification, with even the most microscopic refinements,
gives them carte blanche to destroy your protocol design in the future.

> i think that these may be core problems.  sorry, but i am not sure
> i have solutions.  the second may be somewhat ameliorated by the
> restraint for which brian continually excoriates me.

There are no easy answers, and any solution we pick will have
problems that need further attention.  Rigidity and inability
to make change is only one of the worst answers, not the least
likely answer.

Regards,
Charlie P.

More information about the Problem-statement mailing list