[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key management
Perry:
I have a real problem with your list of requirements, especially number 1.
Your list is:
1) They lack a specified method for managing separate keys for
separate users; this is an articulated requirement for the
IPv6 case according to the IPng Directorate.
2) All but SKIP lack clearly articulated key certificates (and SKIP's
seem to be X.509 based, which is probably non-optimal)
3) All seem to lack hooks for a user level authentication system,
and this deficiency makes producing user level
applications difficult to write.
Number 1 requires the IPSP implementation to be tightly integrated with the
transport layer implementation. I hope that we are desigining a solution
that will work with ANY transport layer protocol, including TCP, UDP, TP4,
and even TP0/RFC1006/TCP. If this is not the case, then we loose all of
the advantages of a security protocol at the IP layer.
Multiplexing occurs in the transport layer, and this multiplexing makes it
difficult to determine which application process is involved in the
communication. Human users are simply not represented at the IP layer.
Hosts and routers (things with IP addresses) are represented at the IP
layer. IPSP implementations will become significantly more complex if we
try to represent things outside the IP layer.
I strongly recommend that we leave authentication of users to the
application that already has a model for representing them. Thus, I take
issue with both number 1 and number 3 on your list.
I agree with number 2, we need to pick a certificate format. However, I
think that certificates to support IPSP should contain host names, not user
names.
Russ
Follow-Ups: