using Host Identity Protocol in Tor
syverson at itd.nrl.navy.mil
Thu Oct 19 03:55:15 UTC 2006
I had an exchange with Geoff Goodell about HIP in late '05 early
'06. Here are some concerns that he raised (for our discussion, not in
response to the current one---but I think they are relevant).
1. Every target service must be on board. This means that HIP does not
provide an "outproxy" network by which we can contact existing, "legacy"
services. Clearly, this conflicts with the "sharing perspectives"
aspect of Blossom.

2. Since the content of every packet must be encapsulated within a HIP
datagram, we need to either (a) change the protocol stacks at the edges,
or (b) tunnel (as we do in Tor). The latter requires substantial
infrastructure development which is particularly cumbersome (and at the

3. Since its goal is separating location information from identity,
HIP does not provide a sufficient means of locating the endpoints.
Without some sort of directory, we are left with querying and
broadcasting, both of which are extremely inefficient. Building the
directory is a much more interesting challenge than encapsulating the
datagrams, in my opinion.

Paul Syverson () ascii ribbon campaign
Contact info at http://www.syverson.org/ /\ against html e-mail