[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Modular approach to key management for IPSP

To: "Juan A. Garay 784-6852)" <garay@watson.ibm.com>
Subject: Re: Modular approach to key management for IPSP
From: Theodore Ts'o <tytso@MIT.EDU>
Date: Fri, 4 Nov 1994 14:51:15 +0500
Address: 1 Amherst St., Cambridge, MA 02139
Cc: ipsec@ans.net, amir@watson.ibm.com, hugo@watson.ibm.com, pau@watson.ibm.com
In-Reply-To: Juan A. Garay's message of Wed, 2 Nov 94 17:33:23 EST,<199411022233.AA03934@interlock.ans.net>
Phone: (617) 253-8091

Correct me if I'm wrong, but you are assuming in your design that there
will always be a long-term shared symmetric key between the
communicating parties.  

That doesn't seem to be a good assumption.  You could generate the
short-lived keys from a public key exchange, or the communicating
parties may have a long-term symmetric key which they both share with a
trusted third party (Kerberos).

As near as I can tell, you're proposing that if you use one of these
schemes, such as Kerberos or X.509 public-key certificates, they be used
only to establish a long-term shared secret key --- and that long-term
secret key would only be used to establish short-term session keys.  
Is this a fair characterization?

If so, it would seem that in some cases there will be a needless extra
indirection in setting up the session key.

						- Ted

References:

Modular approach to key management for IPSP

From: "Juan A. Garay ((914) 784-6852)" <garay@watson.ibm.com>

Prev by Date: Modular approach to key management for IPSP
Next by Date: Re: Modular approach to key management for IPSP
Prev by thread: Modular approach to key management for IPSP
Next by thread: Re: Modular approach to key management for IPSP
Index(es):
- Main
- Thread