
Re: Re[2]: key management



On Dec 14,  8:29, Housley, Russ wrote:
} Subject: Re[2]: key management

%  This means that EVERY transport layer implementation must be modified
% to use IPSP with the key management you propose.  The whole reason for
% placing the security protocol in the IP layer is lost if we have to
% modify the consumers of IP services to be IPSP and IKMP aware.

Yes, though such modifications are not especially complex in many
common implementations (e.g. BSD derived).  Access to the TCP
implementation source within an OS is normally included when one has
access to the IP implementation sources, though probably not in every
obscure case.

% My understanding was that the IP layer was selected so that the
% security could be slipped into the protocol stack with a lot of
% transparency.  If IPSP has the same interface as IP, then none of the
% consumers of IP service need to be modified, although they do need to
% be relinked.

I do not think that transparency was particularly the primary reason
for the decision though it might have been one factor.

Some of us agitated specifically for transport-layer encryption and
support for transport-layer encryption with IPv4 security was -- at
one time -- agreed to (using an SP3N-like approach).

%  IPv6 may have an advantage here since they are defining a new
% protocol, they also get to design a new service interface.  The new
% service interface MAY be more compatible with your goal.

It appears to be MUCH more work to move an existing TCP implementation
to work over IPv6 than to modify that implementation to pass the data
down that is needed for per user keying -- in a BSD-derived
implementation.  In an implementation that has strict layering
(e.g. x-kernel), implementing support for per-user keying is a more
complex issue.

The IPv6 ESP spec specifically discusses the use of ESP in
transport-mode to provide transport-layer encryption.  Support for
transport-layer encryption (e.g. keep IP header cleartext whilst
encrypting the TCP, UDP, routing, or ICMP data) was an explicit design
goal.

Ran
atkinson@itd.nrl.navy.mil



