{"draft":"draft-ietf-hip-rfc4423-bis-20","doc_id":"RFC9063","title":"Host Identity Protocol Architecture","authors":["R. Moskowitz, Ed.","M. Komu"],"format":["HTML","TEXT","PDF","XML"],"page_count":"41","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Host Identity Protocol","abstract":"This memo describes the Host Identity (HI) namespace, which provides\r\na cryptographic namespace to applications, and the associated\r\nprotocol layer, the Host Identity Protocol, located between the\r\ninternetworking and transport layers, that supports end-host\r\nmobility, multihoming, and NAT traversal. Herein are presented the\r\nbasics of the current namespaces, their strengths and weaknesses, and\r\nhow a HI namespace will add completeness to them. The roles of the HI\r\nnamespace in the protocols are defined. \r\n\r\nThis document obsoletes RFC 4423 and addresses the concerns raised by\r\nthe IESG, particularly that of crypto agility. The Security\r\nConsiderations section also describes measures against flooding\r\nattacks, usage of identities in access control lists, weaker types of\r\nidentifiers, and trust on first use. This document incorporates\r\nlessons learned from the implementations of RFC 7401 and goes further\r\nto explain how HIP works as a secure signaling channel.","pub_date":"July 2021","keywords":["cryptographic identity","cryptographic namespace","identifier-locator split","mobility","multihoming","NAT traversal","IPsec","ESP","IPv6","end-to-end security","end-to-end connectivity","endpoint identity","leap of faith","rendezvous"],"obsoletes":["RFC4423"],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9063","errata_url":null}