[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 Security Last Call Initial Questions

To: bound@zk3.dec.com
Subject: Re: IPv6 Security Last Call Initial Questions
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Fri, 24 Mar 1995 20:09:01 -0500
Cc: ipsec@ans.net, jis@mit.edu, deering@parc.xerox.com, rcallon@pobox.wellfleet.com, hinden@ipsilon.com, bound@zk3.dec.com

At 17:29 3/24/95, bound@zk3.dec.com wrote:
>2.  DES-CBC Encryption.  Could I get the formal answer to this question
>    from you for the record?  This question could also be asked of the IESG
>    at that Last Call effort too [if necessary].
>
>    An IPv6 implementation is required (MUST) to implement DES-CBC.  Yet
>    in my country (U.S.A.) being conformant means that vendors MUST build a
>    product that cannot be exported to the International market.
>    Changing it to SHOULD would eliminate this objection to the draft.
>
>    Why cannot we use the word SHOULD?

I'll throw my two cents in here.

It says MUST because in the IETF when one designs a protocol that
permits different algorithm suites, one must be specified as required.
Otherwise it would be possible for two conforming implementations to not
interoperate. The name of the game *is* interoperation, so this really
isn't a good situation to be in.

A long time ago we decided within the IETF that we will standardize on
strong security technology and not let the foibles of one (or more)
governments cause us to standardize less then strong alternatives (like
40 bit keyed RC4).

Now given that we must have a required algorithm, what are our
alternatives:

1) DES-CBC (or something similar) which has export problems from the
U.S. and some other countries.

2) 40 bit RC4, which we really cannot standardize because RC4 is an
unpublished trade-secret algorithm of a proprietary nature (one can
argue that since its publication on the Internet, the cat is out of the
bag, but the technology authors have yet to acknowledge that fact and we
don't want to fight this one). This approach also may violate the "we
use strong stuff" criteria.

We could just punt on ESP, which I am sure some governments would think
is just fine.

However, to me, the whole point of standardizing ESP is to have a strong
confidentiality service.

Given U.S. export control law, some vendors will choose to not implement
ESP, even for domestic use. If customers want it, they will go to other
vendors. Overseas other companies can market ESP based products within
their own countries and beyond (depending upon their laws).

My opinion is that U.S. vendors should spend their efforts working with
the U.S. government to remove the byzantine and counter productive
export control laws rather then insist that the Internet standards
process give them an easy out.

Sorry. That's how I feel about it.

                                -Jeff

Prev by Date: I-D ACTION:draft-ietf-ipsec-auth-00.txt
Next by Date: Re: MD5 versus SHA
Prev by thread: Re: IPv6 Security Last Call Initial Questions
Next by thread: Re: IPv6 Security Last Call Initial Questions
Index(es):
- Main
- Thread