[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

>Aziz (and others), could you enumerate all the disadvantages/costs associated
>with deciding on perfect forward secrecy as a requirement?

Sure, I would be happy to.

Think about time critical network management operations that
have authentication of management entities as a prime concern.

Burdening this application with a high overhead session
oriented key-management for the sake of perfect forward
secrecy, (when secrecy itself is not an issue)  is very poor 
system design. The whole reason for running SNMP primarily 
on top of UDP was to keep it lightweight and quick. Now you
want to add an elaborate high overhead protocol underneath
it as a *mandatory* feature, which has no justification
in this context.

Think about ICMP messages. Do you want to have a session/exponentiations
for each and every one of them, for the sake of perfect forward
secrecy, when secrecy itself may not be a concern?

There are many many such examples, and I am sure members
of the list can come up with their own.

Do you believe that vendors that sell IPSP will turn on
strong encryption by default? You stated at the IETF meeting
that you (IBM) want to build exportable products (with
weak or no encryption). Now you are pushing a feature as
mandatory that makes sense only when used with strong
encryption (something that you yourselves dont intend to
make the default).

Working for a computer company, I understand that computers are 
getting faster every year. We love to sell our latest and fastest 
computers, but we also realize that we can't expect our customers
to throw out all the equipment that they have already purchased
and spent billions of dollars on, as soon as the new models arrive. 

The installed base of computers does not vanish easily, and we
should be careful about mandating features that are *not* necessary
in many circumstances, and which pose an unreasonable protocol
and computational burden to the millions of computers installed
in the field *today*.

Therefore I cast a strong *no* vote to making this feature
mandatory. (I have already stated that I support this as
an optional feature for situations where secrecy is essential).

Ashar.

Prev by Date: IPSEC Minutes - December 1994
Next by Date: Re: SKIP & Patent #5,081,678
Prev by thread: No Subject
Next by thread: Patents and Standards
Index(es):
- Main
- Thread