[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Architectural relationship between KMP and IPSP
Has much thought been given to the architectural relationship between the IPSP
and key management protocol(s) (KMPs)? If it has, then could someone summarize
the discussions for my benefit, or point me in the right direction. Many Thanks!
Alternatively, here is my two penny'worth on some of the issues:
Clearly, the IPSP/KMP relationship has some important consequences for the
development of an IPSP. For example:
Option 1: If the KMP runs as an `application' over TCP, something special must
happen when KMP packets hit the IPSP layer (it can't be treated like a normal
application because when the first packet comes down, IPSP would discover no
security association exists causing a recursive call back to the KMP: hence
deadlock). Either:
- KMP packets pass transparently through or bypass the security layer,
and so KMP must provide all its own security services (peer entity
authentication, replay detection etc)
or:
- the KMP could use a special pre-placed security association. But this
would mean that pairwise SAs would need to be put in place for all
systems that may wish to communicate, which sounds unworkable.
Whichever of the above is chosen the effect on the IPSP is that it has to detect
KMP packets in some way and treat them differently from other applications. How
would this be achieved? Altenratively, (the most flexible solution?) IPSP could
offer some general method of signalling security services to and from
applications.
Option 2: The KMP doesn't run over the normal TCP stack, but sits `by the side' of
IPSP inside the network layer. This means that it must implement its own
retransmission and cope with duplicate messages. This approach has the minimum
impact on IPSP, but means a new protocol number must be allocated to the KMP on
the `black' network.
Option 3: The KMP sits above IPSP, but not running over the normal TCP stack. In
this case IPSP could spot the KMP protocol number and do something special with it
such as passing it straight through unchanged.
If these issues have not been fully aired before, is there scope at the
forthcoming meeting to discuss some of them? Which session do they fall into -
KM or IPSP?
Tim Dean
Rm L110, DRA-Malvern
Open Distributed Systems St Andrew's Road
Software Engineering and CIS Technology Dept Malvern
Defence Research Agency Worcestershire
Tel: +44-684-894239
Fax: +44-684-896113
E-mail: Dean@hydra.dra.hmg.gb
Follow-Ups: