
Re: IPv6 Security Last Call Initial Questions (per user keying)



   Date: Fri, 31 Mar 1995 18:06:00 -0800
   From: Danny.Nessett@Eng.Sun.COM (Dan Nessett)
   X-Sun-Charset: US-ASCII

    o  You only covered two of the four issues,

The others I thought were obvious from the discussion of the first two.
I specifically covered some of what was necessary to handle an incoming
packet in the previous sections.

    o  You didn't specify how the information about keying material,
       algorithms, etc. are extracted from the key distribution opaque
       data and transformed into a form acceptable to the IP implementation.

Again, I thought that was so obvious that it didn't need much
explanation.  In the case of Kerberos, you get a DES session key out of
the authentication.  That's what you use.  If you want to make a
subsession key, to avoid the problems of reusing the session key across
multiple connections, that's fine.  Just don't make the mistake the
Kerberos V4 telnet encryption specification made of ignoring key parity
when you generate the subsession key.

In the case of GSSAPI, there is no way through the GSSAPI to get at the
keying of the security association.  But once you have a security
association up, one side can generate a random key, and send across to
the other using gss_seal.

This all can be done.  It is not rocket science.  If you think it is
hard, then say why you think it's hard, instead of complaining that I've
walked through every little tiny detail, as if this were an intro C.S.
class.  

						- Ted
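The DES key-parity point raised in the message above is worth seeing in code. The following is an added example, not code from the original thread or from any Kerberos implementation: it derives a DES subsession key from a session key and then forces odd parity on every byte, which is the step the message says the Kerberos V4 telnet encryption specification skipped. The derivation (HMAC-SHA256 of a nonce under the session key, truncated to 8 bytes) and the sample session key and nonce are assumptions constructed for illustration; the parity rule itself is DES's standard one (bit 0 of each byte set so the byte has an odd number of one bits).

```python
import hashlib
import hmac


def set_odd_parity(key: bytes) -> bytes:
    """Return a copy of key with bit 0 of each byte adjusted so every byte
    has odd parity, as DES expects. Only the low bit is touched; the seven
    key bits in each byte are left as they were."""
    out = bytearray()
    for b in key:
        high = b & 0xFE                     # the seven key bits
        ones = bin(high).count("1")
        out.append(high | (0 if ones % 2 == 1 else 1))
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    """True if every byte of key has an odd number of one bits."""
    return all(bin(b).count("1") % 2 == 1 for b in key)


def derive_subsession_key(session_key: bytes, nonce: bytes) -> bytes:
    """Hypothetical subsession-key derivation (not a Kerberos-specified
    method): keyed hash of a per-connection nonce under the session key,
    truncated to 8 bytes, then parity-fixed. The truncated hash output has
    random parity, so without the final step roughly all keys would be
    rejected or silently mangled by a parity-checking DES implementation."""
    if len(session_key) != 8:
        raise ValueError("DES session key must be 8 bytes")
    raw = hmac.new(session_key, b"subsession" + nonce, hashlib.sha256).digest()[:8]
    return set_odd_parity(raw)


def check_key(key: bytes) -> bool:
    """The check a careful IP/ESP implementation would run before loading
    a DES key: correct length and odd parity on every byte."""
    return len(key) == 8 and has_odd_parity(key)


if __name__ == "__main__":
    # Constructed sample values (not from any real exchange).
    session_key = set_odd_parity(bytes.fromhex("0123456789abcdef"))
    nonce = b"conn-0001"
    sub = derive_subsession_key(session_key, nonce)
    print("subsession key:", sub.hex(), "parity ok:", check_key(sub))
```

`set_odd_parity` is idempotent and never changes the seven significant bits of a byte, so applying it to a key that already has correct parity is harmless; that is why it is safe to run it unconditionally on derived key material before handing it to a DES implementation.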