[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key management

To: atkinson@itd.nrl.navy.mil
Subject: Re: key management
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 13 Dec 1994 15:05:59 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Tue, 13 Dec 1994 14:05:49 EST." <9412131405.ZM11687@sundance.itd.nrl.navy.mil>
Reply-To: perry@imsi.com


Ran Atkinson says:
> % 3) All seem to lack hooks for a user level authentication system,
> %    and this deficiency makes producing user level applications
> %    difficult to write.
> 
> I don't understand what Perry means by this.

Take Kerberos as a model for a moment.  Kerberos lets applications
determine the identity of your counterparty in communication, which is
usually something of the form "user.role@realm.dom". I'm not saying
that we need to adopt that particular naming or provide that
capability directly in the key management layer, but if we cannot
ultimately find out who our counterparty is there is no way to write
things like a secure telnet or a secure distributed file system using
this mechanism. IPSP and the rest remain partially useful even without
such mechanisms -- you can build secure tunnels between networks --
but to make them dramatically useful you need to be able to extract
information about the counterparty identity on a granularity below
that of the host you are communicating with.

Karn's proposal comes the closest in this regard in so far as he
doesn't define the entities exchanging keys and allows the key
structures themselves to contain identity information (or so he tells
me). However, he'd need to be a bit more explicit about this. MKMP
seems to be easily modified to handle this sort of thing
currently handle it. 

I strongly encourage people to think in terms of providing AT LEAST as
much functionality to the application writer as Kerberos provides --
without that much functionality we haven't really secured the internet.

> A draft IPv6 API for Security Extensions to BSD Sockets is likely to
> appear soon as an Internet Draft.  That might be a useful item in
> focusing discussion of how applications might use provided security
> services for whichever set of people happen to be concerned with that
> issue.

Indeed it would. I was under the impression, actually, that this draft
had already been posted but was incomplete -- am I wrong?

.pm

References:

Re: key management

From: Ran Atkinson <atkinson@sundance.itd.nrl.navy.mil>

Prev by Date: Re: Diffie-Hellman
Next by Date: Re: key management
Prev by thread: Re: key management
Next by thread: Re: key management
Index(es):
- Main
- Thread