
key management

I believe that many of the given key management protocols are still
deficient in so far as 

1) They lack a specified method for managing separate keys for
   separate users; this is an articulated requirement for the IPv6
   case according to the IPng Directorate.
2) All but SKIP lack clearly articulated key certificates (and SKIP's
   seem to be X.509 based, which is probably non-optimal)
3) All seem to lack hooks for a user level authentication system,
   and this deficiency makes user level applications difficult to
   write.

For contrast on some, I point everyone at Kerberos. Kerberos is NOT,
in my opinion, a good enough key management system for the internet --
it does not scale particularly well and uses only private
keys. However, Kerberos provides name management and user level
authentication as well as key management; with Kerberos in place, I
can build applications like a secure telnet or a secure NFS service,
which I cannot do with ANY of the thus far articulated key management
systems. I would argue that any system that is not more functional
than Kerberos (in the sense of providing all that Kerberos does but
with public keys and scalability) is not sufficient for our
purposes. The key management system need not itself provide all the
Kerberos functionality, but it must have clearly obvious hooks for
handling naming and user level keying.

This is not to say that any of the current proposals is incapable of
being extended to handle this, but thus far I haven't seen the
extensions, as it were. (I'm also a bit concerned that SKIP would need
some alteration to handle user level keying.)

Perry
