Re: WG last call for IPv4 AH and ESP
Ran,
I didn't quite follow your reply. Specifically:
> For that particular case (intermediate router sending an ICMP
> message and desiring to authenticate the ICMP message back to the
> sender), if a Security Association does not exist the router
> could sign it using its private key that is associated with its
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Eastlake-Kaufman signed public key available from the DNS and
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> an RSA signature. This scales as well as the DNS and hence
> as well as the Internet as a whole.
Doesn't this introduce a dependency of the routing system on DNS? That is,
aren't you assuming that all routers will have signed certificates in the
DNS? If so, how do you bring up a routing system without having DNS on-line
to begin with? Do you bring it up unsecure and then secure it? Does this
mean you can't secure it without all routers having DNS certificates?
In addition I think there are a number of proposals on the table that assume
an IPv4 key distribution mechanism based on signed Diffie-Hellman certificates.
Since Diffie-Hellman is a key exchange protocol, you can't sign messages
with the Diffie-Hellman private key.
...
> So I still do not believe that in-band key management is either
> necessary or desirable in this case.
Given the above observations, I would say the jury is out at this point
on whether in-band signalling is useful or not. I'm not saying it is,
but I think we shouldn't prevent it by not accommodating its use with
either the IPv4 or IPv6 security I-Ds.
Cheers,
Dan