Re[2]: Modular approach to key management
Hugh,
What about when router-like systems are the end-points?
I disagree with your text:
>I strongly disagree with the goal of implementing key management for IP in
>routers. This would make the routers, and anyone or thing with access to them,
>a potential vulnerability. I believe that keys should only exist at the actual
>endpoints where encryption takes place. This reduces the exposure of the keys
>to the minimum set and results in a more secure solution.
but if you are referring to the IPv6 proposals for router-like security
implementations that share a key with the actual end-systems, then you have
raised a valid issue.
Sharing keys with intermediate systems reduces the security of the system. The
same functionality could be provided more securely by three pair-wise security
associations (assuming only a single intermediate firewall/router system). One
security association would be end-to-end for each host system. The other two
security associations would encapsulate the end-to-end ipsp and provide
host-to-router-like and router-like-to-host security services.
Paul
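The three-SA arrangement Paul describes above, worked through in Python as an added illustration (this is not code from the original message or from any IPsec implementation). Host A and host B share an end-to-end SA; A and the intermediate router R share a hop SA; R and B share a third. The end-to-end packet is carried inside the hop SAs, so R processes its own two SAs but never holds the end-to-end key. The `router_shares_end_to_end_key` switch models the contrasting design in which the router is given the end-to-end key, the case Paul objects to. The SA names, the packet layout (nonce, ciphertext, tag) and the stdlib-only transform (SHA-256 counter keystream with HMAC-SHA256 in encrypt-then-MAC order) are assumptions for the demonstration, not the ipsp format.

```python
"""Three pair-wise security associations (SAs), modelled with the stdlib only.

The transform below is an illustration for the demonstration, not an IPsec
transform: SHA-256 counter keystream for confidentiality, HMAC-SHA256 over
nonce||ciphertext for integrity (encrypt-then-MAC).
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

NONCE_LEN = 12
TAG_LEN = 32


@dataclass(frozen=True)
class SecurityAssociation:
    """One pair-wise SA: a label and a key known only to its two parties."""
    name: str
    key: bytes


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Derive n bytes of keystream from (key, nonce) by hashing a counter."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < n:
        blocks.append(hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest())
        counter += 1
    return b"".join(blocks)[:n]


def encapsulate(sa: SecurityAssociation, payload: bytes) -> bytes:
    """Wrap payload under one SA: nonce || ciphertext || HMAC tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(payload, _keystream(sa.key, nonce, len(payload))))
    tag = hmac.new(sa.key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decapsulate(sa: SecurityAssociation, packet: bytes) -> bytes:
    """Verify the tag under one SA, then decrypt; reject anything that fails."""
    if len(packet) < NONCE_LEN + TAG_LEN:
        raise ValueError(f"{sa.name}: packet too short")
    nonce, ct, tag = packet[:NONCE_LEN], packet[NONCE_LEN:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(sa.key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError(f"{sa.name}: authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(sa.key, nonce, len(ct))))


def run_three_sa_model(message: bytes, router_shares_end_to_end_key: bool = False) -> dict:
    """Carry `message` from A to B via router R and report what R could read.

    With the default, R holds only its two hop keys.  Setting the flag gives R
    the end-to-end key as well, i.e. the shared-key design being criticised.
    """
    end_to_end = SecurityAssociation("A<->B", os.urandom(32))   # constructed key
    a_to_router = SecurityAssociation("A<->R", os.urandom(32))  # constructed key
    router_to_b = SecurityAssociation("R<->B", os.urandom(32))  # constructed key

    # Host A: build the end-to-end packet, then wrap it in the A<->R hop SA.
    inner = encapsulate(end_to_end, message)
    on_wire_a_r = encapsulate(a_to_router, inner)

    # Router R: the keys it actually holds.
    router_keys = [a_to_router, router_to_b]
    if router_shares_end_to_end_key:
        router_keys.append(end_to_end)

    # R strips its hop SA and is left with the (still protected) inner packet.
    inner_at_router = decapsulate(a_to_router, on_wire_a_r)

    # Can R read the inner packet with any key in its possession?
    router_read_plaintext = False
    for sa in router_keys:
        try:
            decapsulate(sa, inner_at_router)
            router_read_plaintext = True
        except ValueError:
            pass  # MAC fails: this key is not the end-to-end key

    # R forwards the untouched inner packet inside the R<->B hop SA.
    on_wire_r_b = encapsulate(router_to_b, inner_at_router)

    # Host B: strip the hop SA, then the end-to-end SA.
    delivered = decapsulate(end_to_end, decapsulate(router_to_b, on_wire_r_b))

    return {
        "delivered": delivered,
        "router_read_plaintext": router_read_plaintext,
        "inner_unchanged_by_router": inner_at_router == inner,
    }


if __name__ == "__main__":
    print(run_three_sa_model(b"constructed test message"))
    print(run_three_sa_model(b"constructed test message", router_shares_end_to_end_key=True))
```

The point of the comparison is the `router_read_plaintext` field: with three pair-wise SAs the router can only verify and strip the hop layers, so compromise of the router (or of anyone with access to it) exposes hop traffic but not the end-to-end payload; only in the shared-key variant does the router's key set suffice to read it.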