
Naming 1: granularity



This is the first of two related messages that I don't want to send --
or rather, that I probably don't want to see the end of the thread that
they may generate, since I've *never* seen a naming discussion that was
at all pleasant.  That said, the issue has to be raised...

The basic question is this:  when we do a key management exchange -- and
I realize that we haven't yet agreed on how to -- the two negotiators
have to know names for the parties involved.  In the case of two end hosts
negotiating, the name should (but see the next message) refer to the
hosts themselves.  Should these names be IP addresses or domain names?

But that's not the hard case.  The hard case is when one party's
cryptographic functions are performed by a crypto gateway, which protects
a whole group of machines.  Should this gateway use its own name?  Then
how does the remote end know it speaks for the real destination?  Should
the certificate for the crypto gateway contain a list of addresses?  A
list of address/mask pairs?  A list of names?  We cannot do gateway-to-host
or gateway-to-gateway encryption till we settle these and related issues.


		--Steve Bellovin

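The second paragraph of the message asks how a remote end can tell that a crypto gateway speaks for the real destination, and whether the gateway's certificate should carry a list of addresses, address/mask pairs, or names. The following is an added illustration, not code from the message or from any IPsec implementation, of what the address/mask option looks like in practice: a credential that carries the prefixes a gateway claims to protect, a check that a proposed destination falls inside one of them, and a check for two gateways whose claimed address space overlaps (the situation where "who speaks for this host" becomes ambiguous). The credential shape, the gateway names (`gw-a.example.net`, `gw-b.example.net`) and the addresses (RFC 5737 documentation ranges) are all constructed for the example.

```python
"""Authorization check for a crypto gateway's claimed address space.
Added example: the credential layout, gateway names and addresses are
constructed for illustration and are not from the original message."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class GatewayCredential:
    """Assumed shape of what a gateway certificate might carry: the gateway's
    own name plus the address/mask pairs it claims to protect."""
    gateway_name: str
    protected: tuple  # tuple of ipaddress IPv4Network / IPv6Network objects


def parse_credential(gateway_name, prefix_strings):
    """Build a credential from 'address/mask' strings.

    strict=True makes ipaddress.ip_network reject an entry such as
    '192.0.2.1/24' (host bits set under the mask), so a malformed claim is
    refused at parse time rather than silently widened to the whole /24."""
    nets = tuple(ipaddress.ip_network(p, strict=True) for p in prefix_strings)
    return GatewayCredential(gateway_name, nets)


def covering_prefix(cred, destination):
    """Return the most specific prefix in cred that contains destination,
    or None if the gateway claims nothing covering that address.
    A mismatch of address family (v4 address vs v6 prefix) simply fails
    the membership test, so it is treated as 'not covered'."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in cred.protected if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda net: net.prefixlen)


def speaks_for(cred, destination):
    """True if the gateway's credential authorizes it to negotiate on behalf
    of destination; this is the check the remote end would apply before
    accepting the gateway as the peer for that host."""
    return covering_prefix(cred, destination) is not None


def overlapping_claims(creds):
    """List every pair of gateways whose claimed prefixes overlap.
    Overlap means two credentials both assert authority for some address,
    which a verifier should flag rather than resolve by guesswork."""
    found = []
    for i, a in enumerate(creds):
        for b in creds[i + 1:]:
            for net_a in a.protected:
                for net_b in b.protected:
                    if net_a.overlaps(net_b):
                        found.append((a.gateway_name, b.gateway_name,
                                      str(net_a), str(net_b)))
    return found


# Constructed sample credentials (RFC 5737 documentation address ranges).
GW_A = parse_credential("gw-a.example.net", ["192.0.2.0/24", "198.51.100.0/25"])
GW_B = parse_credential("gw-b.example.net", ["198.51.100.0/24"])


if __name__ == "__main__":
    for dest in ("192.0.2.10", "198.51.100.7", "203.0.113.5"):
        print(dest, "->", GW_A.gateway_name, "speaks for it:", speaks_for(GW_A, dest),
              "via", covering_prefix(GW_A, dest))
    print("overlapping claims:", overlapping_claims([GW_A, GW_B]))
    try:
        parse_credential("bad.example.net", ["192.0.2.1/24"])
    except ValueError as exc:
        print("rejected malformed claim:", exc)
```

The point the checks make is that an address/mask list in the gateway's credential answers the "does it speak for this host" question only if the verifier actually tests the destination against the list and refuses ambiguous or malformed claims; the list alone settles nothing.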
