
Re: IPv6 Security Last Call Initial Questions (per user keying)

Ran,

You observe that:

>    Changes to the Socket/TLI/XTI interfaces will be needed in any event
>  so that applications that are "security-aware" can request the
>  particular security services that they desire.

which, I agree, is true.

>    A document that discusses some of the API issues is already online
>  with a filename similar to "draft-mcdonald-sec-api-*.txt".  I should
>  mention that the Security API draft is a drafty draft mainly out to
>  focus discussions.  Also, the IETF doesn't standardise APIs so that
>  would become an Informational RFC if it went to RFC in the future.
 
Note, the McDonald draft doesn't address the issue of moving security
context information between an application process and the kernel.

I talked with Bob Gilligan about this and we sketched out a way that such
an interface might work (on both the client and server sides). However, I
think the proponents of making per-user keying mandatory should at least
provide a feasibility design that sketches out how, for example, the socket
interface could be changed to allow per-user keying. It is only prudent
that such an existence proof exist before making per-user keying mandatory.

I think the design needs to address at least the following issues:

 o  How will the SPI and security context information be passed from both
    connecting and accepting processes to the IP implementation?

 o  How might this information be derived from the key management protocol?
    Any choice here can be used (Photuris, Kerberos, etc.).

 o  What will happen when an IP packet is processed both on the sending
    and receiving sides?

 o  What calls are necessary so that an application can find out the
    algorithms and key parameters that the system supports?

This doesn't have to be an Internet Draft or anything; a simple email message
will do. But the IPsec WG should be convinced that per-user keying can
be supported before making it mandatory.

Dan

P.S. Ted says this is easy, so perhaps he can consider this as a challenge :-).