Welcome to HIP!

The Host Identity Payload Homepage

What is HIP?

HIP started out in December 1998, as a lightweight alternative to IKE.  During the course of its development, the Host Identity (HI) and Tag (HIT) as a secure, provable Endpoint Identity (EID) became of greater value than just another way to manage the keys for a VPN.

Today, with the emergence of Identity Oriented Networking (ION), HIP can best be discribed as
A Protocol to securely manage the context between two securely named Identities.

This context is called a Security Association (SA) and is itself identified by a pair of uni-directional Security Parameter Indexes (SPI).
HIP thus enables two peers to maintain communications bound to their respective HITs.  This communication path can support a single pair of applications or can be multiplexed with a middle layer to allow multiple applications to share the same SA.

How is HIP used today?

HIPv2 is an IETF Proposed Standard.  Its primary use is to manage an IP-level VPN tunnel using ESP.

There are two open implementations of HIP: HIP has also been used, commerically by Tempered Networks, to manage a Virtual Network as defined in HIP VPLS

Still, HIP remains a nitch protocol with barriers to deployment researched.

New HIP Work

There are two new directions for HIP, both leveraging HIP as an identity management protocol.

The first focuses on defining a Session Services model and how HIP can manage the Session context.  The drafts for this are:
draft-hares-i2nsf-ssls <-- In serious need of an update.
The second focuses on enhancements to HIP to meet the needs of 5G mobility.  The drafts for this are:

HIP Documents

The first HIP draft is:

The best place to find the list of HIP RFCs and current work is:

A good article on HIP:
A. Gurtov, M. Komu, R. Moskowitz, Host Identity Protocol (HIP): Identifier/Locator Split for Host Mobility and Multihoming, Internet Protocol Journal, 12(1):27-32, March 2009.

© Robert G. Moskowitz -- 2017