On 18/12/2021 at 23:47, Brian E Carpenter wrote:
On 19-Dec-21 11:34, Dino Farinacci wrote:
From a user perspective, the choice is clear: privacy and security are
top requirements. We know that payload encryption goes a long way, and
hopefully encryption of the transport layer headers will become
dominant so that intermediate nodes will stop meddling and ossifying
the transport layer. But not everything can be encrypted, the IP
addresses for instance, so providing real security and privacy at the
plaintext network layer should be on the list of features to support
user requirements.
Definitely agree Tom.
But what if we sent a packet where the source address was encrypted?
Then you could have globally unique addresses (if you wanted them). Of
course key exchange and rekeying parameters would have to be set up
prior to sending a single packet.
It's called SNA (Sourceless Network Architecture):
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-849.pdf
Wasn't SNA an IBM acronym for an architecture?
Alex
Brian
Maybe it's just simpler to randomize addresses.
Dino
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area