[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key management
> To: perry@imsi.com
> Cc: ipsec@ans.net
> Subject: Re: key management
> In-Reply-To: Your message of Tue, 13 Dec 1994 11:13:59 -0500.
> <9412131613.AA12283@snark.imsi.com>
> Date: Tue, 13 Dec 1994 13:15:28 -0500
> From: "Avi Rubin" <rubin@faline.bellcore.com>
>
>
>
> >
> >2) Mutually distrustful users on a single host CANNOT be trusted to
> >know each others keys. Systems that use host keying conflate
> >different users cryptographic keys, making all sorts of unfortunate
> >attacks possible. Preventing seperate users from using each others
> >keys is necessary.
>
> How do you propose for mutually suspicious users to use
> the same host?
>
Mutually suspicious users can only share the same host if you
have a trusted operating system of some kind to separate them.
Follow-Ups:
References: