[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on latest IPSP

To: "Joe Tardo" <joe_tardo@genmagic.com>
Subject: Re: Comments on latest IPSP
From: "Donald E. Eastlake 3rd" <dee@world.std.com>
Date: Fri, 05 May 1995 15:24:07 -0400
Cc: "ipsec" <ipsec@ans.net>
In-Reply-To: Your message of "02 May 1995 12:32:13 EDT." <199505021942.AA21417@interlock.ans.net>

Joe,

From:  "Joe Tardo" <joe_tardo@genmagic.com>
To:  "Donald E. Eastlake 3rd" <dee@world.std.com>
Cc:  "ipsec" <ipsec@ans.net>
X-Mailer:  Mail*Link SMTP-QM 3.0.2
}        Reply to:   RE>>Comments on latest IPSP drafts 
}
}Donald:
}
}You said:
}
}>Weak encryption you could get by the NSA with an open algorithm would
}>be sufficiently useless that I see no reason for using it, let alone
}>making it madatory.
}
}I agree, but am compelled to ask, do you not lock your car (which, I believe, 
}presents a much greater inconvenience if compromised than the typical
}mail messages) because car locks can be easily defeated?  Lofty principles
}are fine,  I even have them, but holding out for perfection is one reason why
}interaction over the Internet is unprotected today.  The other, of course, is
}that nobody wants to pay extra for it (much like auto security systems).

Well, Joe, I'm willing to admit that things a bit more complex than I
have made out, due mostly to a desire on my part for brevity.

In answer to the above, things really are different in differnt media.
There are people who would spend days developing code breaking tools
(which could then be almost infinitely replicated for almost no cost)
who would not break my car's window and vice versa.  Furthermore, I've
very likely to know that someone has broken into my car or stolen it.
If someon broke my master key, I might not know while they read *all*
my mail, financial transactions, etc., for years or, in the future, be
able to transfer all my funds out of all my bank accounts, etc.

I'm certainly not holding out for "perfection", whatever that is.  I'm
calling for the one required standard interoperable crypto algoithm to
be the most widely implemented most standard encyrption algorithm
there is, namely DES.  It is adequately strong for most things.  I'd
be pusing for DES-IDEA-DES or something if I wanted "perfection".

}OK, so flame me, but, having watched this business for 10 years, I'd hate to
}see IETF fail for the same reasons others have.  If there's no "good enough,
}easy for vendors to build in for free" option, I'd expect to put my RFC's on
}the
}same shelf with SDNS.

But I think there more or less is.  Essentially any vendor doing
anything much with security has DES code.  It's been freely ftp'able
for years.  There are many hardware implementations.  It is good
enough, in my opinion.  IT WILL ONLY BE (imcrementally) FREE (to the
customer) IF IT IS MANDATED.  Even Jim Bounds, the strongest opponent
of mandating DES I've even seen, said he was implementing it.  I can't
see just what social/deployment failure would be likely.  I suppose
most industrial governments could get together and ban encryption or
mandate clipper but short of that export policies will make little
difference.  Vendors will implement DES domestically in enough
countries that border barriers to export/import just won't matter.

}Joe

Donald

References:

Re: Comments on latest IPSP

From: "Joe Tardo" <joe_tardo@genmagic.com>

Prev by Date: Re: ipsec compression support
Next by Date: compression, privacy, and authenticity transforms
Prev by thread: Re: Comments on latest IPSP
Next by thread: Compression - was Re[2]: Comments on latest IPSP drafts
Index(es):
- Main
- Thread