[anonsec] what I call leap-of-faith
Nicolas Williams
Nicolas.Williams at sun.com
Thu Mar 23 09:46:21 PST 2006
On Mon, Mar 20, 2006 at 03:59:13PM -0600, Michael Richardson wrote:
>
> When you SSH to a host the server sends its public key inline.
[...]
Note that this is a very application-centric view of LoF.
And maybe that's what we can do in this context through use of
connection-latching and IPsec APIs. That is, let the app get peer IDs,
channel bindings, out of latched connections and then perform LoF at the
application layer.
Doing LoF at the IPsec layer gets us into all those issues we talked
about.
Note too that, given APIs to manipulate the IPsec DBs (PAD, SPD, SADB)
applications could apply LoF not only at the app layer, but also enforce
it in the PAD by creating PAD entries that bind BTNS publickey IDs and
node addresses, though I wouldn't recommend it.
Nico
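As an added illustration (not part of the original message or of any IPsec implementation) of leap-of-faith done at the application layer: the application takes the peer ID it got out of a latched connection and keeps its own binding of node address to peer ID, accepting on first contact, confirming on later contacts, and refusing when the ID changes. The peer ID format and the sample addresses and keys below are constructed; a real application would obtain the ID from the IPsec/connection-latching API, which this example does not model.

```python
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class LofResult(Enum):
    FIRST_CONTACT = "first-contact"  # no binding yet: accept and record it
    MATCH = "match"                  # binding exists and the peer ID matches
    MISMATCH = "mismatch"            # binding exists and the peer ID differs: reject


def peer_id_from_pubkey(pubkey_bytes: bytes) -> str:
    """Derive a peer ID from a BTNS-style public key.

    Constructed for this example: a hex SHA-256 digest of the key bytes. The real
    ID would be whatever the IPsec API hands back for the latched connection.
    """
    return hashlib.sha256(pubkey_bytes).hexdigest()


@dataclass
class LatchedPeer:
    """What the app is assumed to learn from a latched connection (hypothetical)."""
    node_addr: str   # peer node address the connection is latched to
    peer_id: str     # peer ID bound to that connection


@dataclass
class LeapOfFaithStore:
    """Application-layer LoF: a persistent map of node address -> peer ID."""
    bindings: dict = field(default_factory=dict)

    def check(self, peer: LatchedPeer) -> LofResult:
        known = self.bindings.get(peer.node_addr)
        if known is None:
            # First contact: take the leap and remember the binding.
            self.bindings[peer.node_addr] = peer.peer_id
            return LofResult.FIRST_CONTACT
        if known == peer.peer_id:
            return LofResult.MATCH
        # A different ID for an address we already trust: do not overwrite,
        # the caller should refuse the connection and surface the mismatch.
        return LofResult.MISMATCH


def demo_sequence() -> list:
    """Run three contacts against one store and return the LoF outcomes."""
    store = LeapOfFaithStore()
    key_a = peer_id_from_pubkey(b"constructed-key-A")
    key_b = peer_id_from_pubkey(b"constructed-key-B")
    contacts = [
        LatchedPeer("192.0.2.10", key_a),  # first time we see this node
        LatchedPeer("192.0.2.10", key_a),  # same node, same key
        LatchedPeer("192.0.2.10", key_b),  # same node, different key
    ]
    return [store.check(c) for c in contacts]


if __name__ == "__main__":
    for outcome in demo_sequence():
        print(outcome.value)
```

The store only ever adds a binding on first contact; a mismatch is reported rather than silently re-pinned, which is the property that makes leap-of-faith useful against a later attempt to substitute a different peer key for an address the application already knows.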