
Re: Modular approach to key management




Hi Russ and all,

>
> Amir:
>
> > I agree that it would be much better if we had automated negotiation
> > of methods i.e. a standard high-level key management alg. The questions are:
> > 1. Should we do a small common module already, without waiting to resolve
> > the higher layer problem? We believe the answer is YES.
> > 2. How do we solve the higher layer problem? I think there are too many
> > possibilities rather than too few... You seem to suggest a specific one:
> >
> > > In the IEEE 802.10c Key Management Protocol, all three forms of key
> > > management are supported:  KDC, certificate-based, and manual. .....
(omitted text)
> > > starting with IEEE 802.10c, the "upper module" is nearly complete.
> >
> > We (in particular Juan) tried to learn and re-use IEEE 802.10c as much as we
> > could. (Juan, you may want to elaborate.) Maybe you (and others) can help the
> > WG to use more of it - that would be great.
>
> I think that we agree more than we disagree.

I also think so. My questions to you are:

1. Do you agree with the `modular approach' to the problem? Namely, do you see
the need and value of having a lower layer mechanism which
refreshes the keys in an efficient and fault-tolerant manner on top of IP,
whose input is a shared long-lived key from some higher layer mechanism?
This is one critical design issue we need to get resolved.

2. Would you like to help us by contributing text on the higher-layer key
management based on 802.10c to be merged into our proposal? We are working
on a draft to be released Real Soon Now and would welcome help and cooperation
toward reaching rough consensus.

> IEEE 802.10c defines a protocol
> that can be used with certificate-based key management, KDC-based key
> management, and manual key management.  Since the protocol is so flexible, the
> IPSEC WG would be faced with choosing one (or more) technique that would be
> standardized for the Internet community of users.  For example, Kerberos might
> be the basis for a KDC-based key management technique for the Internet.
> Likewise, the PEM certificate infrastructure might be the basis for a
> certificate-based key management technique for the Internet.  Another
> certificate-based alternative might be based on the draft X9.42 variant of
> Diffie-Hellman.

If I understand you correctly, you propose that for the higher layers, we'll
try to use the base 802.10c protocol while selecting the proper components.
Sounds reasonable to me, and again I'll welcome a concrete proposal (which we
may merge into our modular proposal). Of course we need to keep a reasonable
balance between generality and interoperability, but I see you are aware of
this. Great, let's get moving!
>
> My suggestion is that we adopt the IEEE work, then select particular algorithms
> for use in the Internet.  Of course, the IPSEC WG would also have to define the
> attributes that are part of security association negotiation.  These attributes
> have to be defined regardless of the approach taken, so this is neither a plus
> nor a minus to the IEEE 802.10c approach.

Agreed.
>
> NASA has agreed to make some space available on a machine that supports
> anonymous FTP.  We hope to have the latest draft of IEEE 802.10c available
> before the IETF meeting.  I will gladly spend time with anyone at the IETF to
> explain the direction that we are going.  Good ideas are welcome from any
> source.

I hope we can discuss this at the IETF, both during the sessions and off line.
If you'd like to coordinate such discussions in advance, send me e-mail
off list. (This invitation is open to others too.)
>
>
> > ... Even if used with manual key management by some pairs of partners, it
> > would still help to 'stop the bleeding' - and this is what we were told to
> > do by the IESG.
>
> In my opinion, IEEE 802.10c decreases the time to market.  Protocol development
> can take a lot of time, especially in an open environment like the IEEE and
> the IETF.  Therefore, take advantage of the investment that has already
> been made by the IEEE 802.10 participants, and take a working solution to
> the Internet sooner.

I agree with all your points. However, I still recommend we proceed first
with a simple and efficient common solution to refreshing `short lived'
keys, to provide a minimal level of interoperability and a much quicker
solution, as well as deal with the efficiency and fault-tolerance issues
which we need to add to existing higher-layer key management designs.

Best, Amir Herzberg



