
MLS and keys



Any systems I am aware of which support multiple hierarchical levels
require different keys for the different levels.  That means some
type of key ID must be carried in the SAID, since addresses alone
are not sufficient to distinguish between the different keys for
different levels.  Different keys may not be desirable, but they
are required in every MLS situation I know of.  Short of persuading
the current users to back off on that requirement, I don't see what
other choice we have besides supporting it.  That feature does not
have to be used, but the mechanism should exist.

This is really a separate (albeit related) issue from binding the
label to the protected data.  The SAID cannot include any information
which would reveal the original classification of the datagram.  You
could detect that multiple keys are being used (presumably for different
levels), but you have no idea what those levels are.

Tom Benkart
ACC Systems