
Re: Routing



Bill writes:

    Second, it would help if you used the terminology in the drafts.  MAC is
    not a term used in this context.  SAIDs will not encode Media Access
    Control information.  (Yes, _I_ know you meant "Message Authentication
    Code", but that implies the _result_ of the hash, which is called
    "Authentication Data" in our drafts.  Only the authentication _mechanism_
    is indicated by our SAID.)

I think Dean was using yet a third meaning of MAC which is very familiar
to the MLS CMW world, namely "Mandatory Access Control", which refers
to using sensitivity labels to strictly control access to data.
The security architecture document itself refers to *MAC* in that context:

    5.5 USE IN COMPARTMENTED OR MULTI-LEVEL NETWORKS

    A multi-level secure (MLS) network is one where a single network is
    used to communicate data at different sensitivity levels (e.g.
    Unclassified and Secret).  Many governments have significant interest
    in MLS networking. [DIA] The IPv6 security mechanisms have been
    designed to support MLS networking.  MLS networking requires the use
    of strong Mandatory Access Controls (MAC) which ordinary users are
                                         ^^^
    incapable of controlling or violating.  Mandatory Access Controls
    differ from Discretionary Access Controls in this respect.

(You did _read_ the document, did you not? :-)

There is a paragraph in there that I think may have led Dean (and me also)
to infer that the document implied overloading the SAID with *MAC*
information.

    The Encapsulating Security Payload can be combined with appropriate
    key policies to provide full multi-level secure networking.  In this
    case each key must be used only at a single sensitivity level and
    compartment.  For example, Key "A" might be used only for sensitive
    Unclassified packets, while Key "B" is used only for
    Secret/No-compartments traffic, and Key "C" is used only for
    Secret/No-Foreign traffic.

I (at least) had equated the *key* in this paragraph to the SAID.

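As an added illustration (not part of the original message or of the draft it quotes), the following Python sketch models the key policy described in the quoted paragraph: every key is bound to exactly one sensitivity level and compartment set, outbound selection is an exact label match with no dominance rule, and an inbound packet is accepted only if its label equals the label bound to the key that protected it. The `Label` and `KeyPolicy` names, the `NOFORN` compartment string and the `build_example_policy` helper are constructed for this example; the "A"/"B"/"C" key names follow the quoted text. The policy is keyed by a key identifier only, so nothing here says whether that identifier is or is not the SAID.

```python
"""Toy model of a per-label key policy for MLS networking.

Constructed example: names, structures and the NOFORN compartment string
are assumptions for illustration, not taken from the security
architecture draft or any implementation.
"""
from dataclasses import dataclass, field

# Ordered sensitivity levels (constructed list for the example).
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a level plus a (possibly empty) set of compartments."""
    level: str
    compartments: frozenset = field(default_factory=frozenset)

    def __post_init__(self):
        if self.level not in LEVELS:
            raise ValueError(f"unknown sensitivity level {self.level!r}")


class KeyPolicy:
    """Binds each key identifier to exactly one label, and vice versa."""

    def __init__(self):
        self._key_to_label = {}
        self._label_to_key = {}

    def bind(self, key_id, label):
        # A key bound to two labels would let holders of the lower-level key
        # read higher-level traffic, so both directions of the mapping are
        # required to be one-to-one.
        if key_id in self._key_to_label:
            raise ValueError(f"key {key_id!r} already bound to {self._key_to_label[key_id]}")
        if label in self._label_to_key:
            raise ValueError(f"label {label} already has key {self._label_to_key[label]!r}")
        self._key_to_label[key_id] = label
        self._label_to_key[label] = key_id

    def key_for(self, label):
        """Outbound: exact-match lookup, deliberately no dominance (a Secret key
        must not be used for Confidential traffic). None means "no key, drop"."""
        return self._label_to_key.get(label)

    def accept_inbound(self, key_id, label):
        """Inbound: the packet's label must equal the label the key is bound to."""
        return self._key_to_label.get(key_id) == label


def build_example_policy():
    """The three keys from the quoted paragraph, as constructed sample data."""
    policy = KeyPolicy()
    policy.bind("A", Label("Unclassified"))
    policy.bind("B", Label("Secret"))                          # Secret / no compartments
    policy.bind("C", Label("Secret", frozenset({"NOFORN"})))   # Secret / No-Foreign
    return policy


def rebinding_is_rejected(policy):
    """Return True if the policy refuses to bind an already-bound key or label."""
    try:
        policy.bind("A", Label("Secret"))
        return False
    except ValueError:
        pass
    try:
        policy.bind("D", Label("Unclassified"))
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    p = build_example_policy()
    print("Secret/NOFORN ->", p.key_for(Label("Secret", frozenset({"NOFORN"}))))
    print("Confidential  ->", p.key_for(Label("Confidential")))
    print("inbound A as Secret accepted?", p.accept_inbound("A", Label("Secret")))
```

The strict equality in `key_for` and `accept_inbound` is the point: the quoted text says each key is used "only at a single sensitivity level and compartment", so neither a dominance-based lookup nor a fallback to a "nearest" key is allowed, and a label with no bound key yields no key at all.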