Concluded WG Host Identity Payload (hip-old)

Note: The data for concluded WGs is occasionally incorrect.

WG Name: Host Identity Payload
Acronym: hip-old
Area: Transport Area (tsv)
State: Concluded
Charter: charter-ietf-hip-old-01
Personnel: Chair Dr. Timothy J. Shepard

Final Charter for Working Group

IP has suffered for the lack of security. Efforts like IPsec and DNSSEC
have added various levels of security to IP, but have not addressed some
of the fundamental security deficiencies in IP. By adding a
cryptographic Host Identity and a payload for its exchange between two
hosts, we can greatly enhance the security of IP while addressing a
fundamental flaw in IP. This flaw being the lack of a true identity for
a host that is independent of how IP packets are routed to a host.

By adding a Host Identity namespace to the IP protocol, the role of the
IP address changes to simply a packet forwarding namespace, since all of
the higher protocols are bound to the Host Identity. This provides for
cleaner host mobility and addressing realm transition (i.e. NAT)
methodology. However, adding a Host Identity provides for a new class
of Denial Of Service attacks, and thus the Host Identity Payload (HIP)
and its exchange protocol are carefully crafted to not only avoid
introducing DOS attacks, but also to lessen the opportunity for the
existing transport level DOS attacks.