Host Identity Protocol

For more information, see transport layer.

The Host Identity Protocol (HIP) is a host identification technology for use on Internet Protocol (IP) networks, such as the Internet. The Internet has two main name spaces, IP addresses and the Domain Name System. HIP separates the end-point identifier and locator roles of IP addresses. It introduces a Host Identity (HI) name space, based on a public key security infrastructure.

The Host Identity Protocol provides secure methods for IP multihoming and mobile computing.

In networks that implement the Host Identity Protocol, all occurrences of IP addresses in applications are eliminated and replaced with cryptographic host identifiers. The cryptographic keys are typically, but not necessarily, self-generated.

The effect of eliminating IP addresses in application and transport layers is a decoupling of the transport layer from the internetworking layer (Internet Layer) in TCP/IP.^[1]

HIP was specified in the IETF HIP working group. An Internet Research Task Force (IRTF) HIP research group looks at the broader impacts of HIP.

The working group is chartered to produce Requests for Comments on the "Experimental" track, but it is understood that their quality and security properties should match the standards track requirements. The main purpose for producing Experimental documents instead of standards track ones are the unknown effects that the mechanisms may have on applications and on the Internet in the large.

RFC references

RFC 4423 - Host Identity Protocol (HIP) Architecture (early "informational" snapshot)
RFC 5201 - Host Identity Protocol base (Obsoleted by RFC 7401)
RFC 5202 - Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol (HIP) (Obsoleted by RFC 7402)
RFC 5203 - Host Identity Protocol (HIP) Registration Extension (obsoleted by RFC 8003)
RFC 5204 - Host Identity Protocol (HIP) Rendezvous Extension (obsoleted by RFC 8004)
RFC 5205 - Host Identity Protocol (HIP) Domain Name System (DNS) Extension (obsoleted by RFC 8005)
RFC 5206 - End-Host Mobility and Multihoming with the Host Identity Protocol
RFC 5207 - NAT and Firewall Traversal Issues of Host Identity Protocol (HIP) Communication
RFC 6092 - Basic Requirements for IPv6 Customer Edge Routers
RFC 7401 - Host identity protocol version 2 (HIPv2) (updated by RFC 8002)
RFC 7402 - Using the Encapsulating Security Payload (ESP) transport format with the Host Identity Protocol (HIP)
RFC 8002 - Host Identity Protocol Certificates
RFC 8003 - Host Identity Protocol (HIP) Registration Extension
RFC 8004 - Host Identity Protocol (HIP) Rendezvous Extension
RFC 8005 - Host Identity Protocol (HIP) Domain Name System (DNS) Extension

References

↑ RFC 4423, Host Identity Protocol (HIP) Architecture, Section 4.1

External links

Authentication

Authentication APIs	BSD Authentication (BSD Auth) eAuthentication Generic Security Services API (GSSAPI) Java Authentication and Authorization Service (JAAS) OAuth OpenID OpenID Connect (OIDC) Pluggable Authentication Modules (PAM) Simple Authentication and Security Layer (SASL) Security Support Provider Interface (SSPI) XCert Universal Database API (XUDA)

Authentication protocol	ACF2 AKA CAVE-based authentication Challenge-Handshake Authentication Protocol (CHAP) MS-CHAP Central Authentication Service (CAS) CRAM-MD5 Diameter Extensible Authentication Protocol (EAP) Host Identity Protocol (HIP) Kerberos LAN Manager NT LAN Manager (NTLM) Password-authenticated key agreement protocols Password Authentication Protocol (PAP) Protected Extensible Authentication Protocol (PEAP) Remote Access Dial In User Service (RADIUS) Resource Access Control Facility (RACF) Secure Remote Password protocol (SRP) TACACS Woo–Lam

This article is issued from Wikipedia - version of the 10/17/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.

Host Identity Protocol

RFC references

See also

References

External links