[Top] [All Lists]

Re: [Infrahip] [PATCH] Host Identity Protocol

To: miika@xxxxxx
Subject: Re: [Infrahip] [PATCH] Host Identity Protocol
From: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx>
Date: Wed, 23 Mar 2005 02:57:01 +0900 (JST)
Cc: davem@xxxxxxxxxxxxx, gurtov@xxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, infrahip@xxxxxxx, yoshfuji@xxxxxxxxxxxxxx
In-reply-to: <Pine.GSO.4.58.0503221531020.19531@xxxxxxxxxxxxxxxxxx>
Organization: USAGI Project
References: <20050321.024241.67451836.yoshfuji@xxxxxxxxxxxxxx> <20050320200356.5f8fa583.davem@xxxxxxxxxxxxx> <Pine.GSO.4.58.0503221531020.19531@xxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
In article <Pine.GSO.4.58.0503221531020.19531@xxxxxxxxxxxxxxxxxx> (at Tue, 22 
Mar 2005 16:08:31 +0200 (EET)), Miika Komu <miika@xxxxxx> says:

> will have to get back to you later with some figures. If the results show
> that an userspace implementation is superior to a kernel based approach in
> terms of security or performance, we may have rewrite the code to the

And, IMHO, the most important argument is, probably, in terms of
simplicity and universality of kernel part.
e.g. MIP6 uses XFRM / stackable destination architecture as its
fundamental infrastructure.

They (simplicity and universality) are unlikely measurable, though.

> justify the reasons by analyzing and measuring. In addition, security
> issues (DoS protection, user supplied public keys, etc) are taken pretty
> seriously in HIP and may benefit from a kernel oriented approach.

I belive that we can find solutions to solve these issues (if any).


<Prev in Thread] Current Thread [Next in Thread>