[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on IPSO and AH/ESP

To: "Housley, Russ" <housley@spyrus.com>, ipsec@ans.net
Subject: Re: Comments on IPSO and AH/ESP
From: Ran Atkinson <rja@bodhi.nrl.navy.mil>
Date: Thu, 17 Aug 1995 08:11:51 -0400
In-Reply-To: "Housley, Russ" <housley@spyrus.com> "Re: Comments on IPSO and AH/ESP" (Aug 16, 19:07)
References: <9507168086.AA808625269@spysouth.spyrus.com>
Reply-To: rja@cs.nrl.navy.mil
Sender: rja@bodhi.cs.nrl.navy.mil

Russ,

  I personally could not agree more that implicit security labels are
the better way to go.  The recently published Proposed Standard RFCs
actually require that systems claiming to provide MLS features MUST
implement support for implicit labels.  NRL's (otherwise single-level)
implementation for 4.4 BSD supports implicit labels.  

  For that matter, I think that data at different security levels
ought to use encryption to provide separation of data (DES encryption
is vastly better than no encryption, IMHO, though the military will no
doubt use Type 1 algorithms instead of DES).

  Reality is that there are folks (primarily TSIG/CIPSO people and
those who have been strongly influenced by them) who will continue
using explicit labels.  It would be significant risk reduction to
authenticate such IPSO (or CIPSO, though that is neither standard nor
widely interoperable [we run multi-vendor tests of this once in a
while] or well documented) labels end-to-end using AH, hence my
concern that IPSO be included in the AH computation (as the Proposed
Standard RFCs already require).

Thanks for your note.

Regards,

Ran
rja@cs.nrl.navy.mil

Follow-Ups:

Re: Comments on IPSO and AH/ESP

From: Andy Bayerl <bayerl@zk3.dec.com>

Prev by Date: Re: Comments on IPSO and AH/ESP
Next by Date: Re: Comments on IPSO and AH/ESP
Prev by thread: Re: Comments on IPSO and AH/ESP
Next by thread: Re: Comments on IPSO and AH/ESP
Index(es):
- Main
- Thread