Re: Photuris // entities
-----BEGIN PGP SIGNED MESSAGE-----
content-type: text/plain; charset=us-ascii
> In the MLS target scenario, the Responder isn't a "user", it is a
> "secure system". I don't know any incoming processes that are
> identified with "users". I don't think of FTP as a "user", even though
> it might run in user space, as it isn't individually controlled by a
> human being.
I think this is an unfortunately limited view of the possibilities.
Kerberos allows you to have multiple distinct "server principals" on a
server, each with a separate cryptographic identity.
Sophisticated applications can and do pick which one they want to talk
to.
> So, the only possible "unauthorized" party would be the Initiator.
I don't think that's a reasonable assumption.
1) Consider user-oriented network services like X and Zephyr, where
the "server"/"responder" is close to the user, and the "client"/"initiator"
is off on a server machine. It's not common, but one can have multiple
heads, and multiple X servers, on a single multi-user machine.
2) If a TCP connection is idle, no packets need to flow.
If the active security association expires, *either* end might
need or want to recreate it.
- Bill
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBMIajwVpj/0M1dMJ/AQHZqgP+Ltb7ePmze+8AfdZuT1FLqoXkRmUd3g7F
ea7DOKN65PvDH+ZK7AJ7aQZOUxIds3xIXgybWZ+NiYemFAjkf/P0y0ME0it1RCgm
pfGFVWOu6wloXXgj5lmWeSjbxnLtuGwODgA2GQ/HuFEBT0NE3tGVxtvg2yUJj6QR
Bts/X2eiUbE=
=DnrU
-----END PGP SIGNATURE-----
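The two design points in the reply above (a Responder host holding several distinct identities that the Initiator chooses between, and an expired security association being re-created by whichever end next has traffic, so the original Responder may end up as Initiator), as an added example that is not part of the original message or of Photuris itself. The principal names, the hosts and the SA lifetime are assumptions made for the model.

```python
"""Constructed model (added example, not code from the Photuris draft or
from the thread): a host carries several cryptographic identities, the
Initiator names which of the Responder's identities it wants, and an
expired security association (SA) is re-created by whichever end next
needs it, so the original Responder may become the Initiator."""
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple

SA_LIFETIME = 300.0  # assumed lifetime in seconds, not a value from the draft


@dataclass
class SecurityAssociation:
    local_id: str
    remote_id: str
    initiated_by: str  # identity that played Initiator when this SA was made
    expires_at: float

    def alive(self, now: float) -> bool:
        return now < self.expires_at


@dataclass
class Host:
    name: str
    identities: Set[str]  # e.g. several Kerberos-style server principals
    sas: Dict[Tuple[str, str], SecurityAssociation] = field(default_factory=dict)


def establish(initiator: Host, init_id: str, responder: Host, resp_id: str,
              now: float) -> SecurityAssociation:
    """Initiator-driven exchange: the Initiator names the Responder identity
    it wants; the Responder must actually hold that identity."""
    if init_id not in initiator.identities:
        raise ValueError(f"{initiator.name} does not hold identity {init_id}")
    if resp_id not in responder.identities:
        raise ValueError(f"{responder.name} does not hold identity {resp_id}")
    expires = now + SA_LIFETIME
    initiator.sas[(init_id, resp_id)] = SecurityAssociation(init_id, resp_id, init_id, expires)
    responder.sas[(resp_id, init_id)] = SecurityAssociation(resp_id, init_id, init_id, expires)
    return initiator.sas[(init_id, resp_id)]


def send(sender: Host, sender_id: str, peer: Host, peer_id: str,
         now: float) -> SecurityAssociation:
    """Whichever end has a packet to send needs a live SA. If none exists or
    it has expired, that end initiates, regardless of who initiated before."""
    sa = sender.sas.get((sender_id, peer_id))
    if sa is None or not sa.alive(now):
        sa = establish(sender, sender_id, peer, peer_id, now)
    return sa


def scenario() -> Tuple[str, str, bool]:
    """Returns (who initiated first, who re-initiated after expiry,
    whether the first SA was still usable at that point)."""
    client = Host("workstation", {"user@EXAMPLE.ORG"})
    server = Host("server", {"ftp/server.example.org", "host/server.example.org"})

    # t=0: the client picks the ftp principal, not the host principal
    first = send(client, "user@EXAMPLE.ORG", server, "ftp/server.example.org", now=0.0)
    # the connection sits idle past the SA lifetime; the server is the
    # first end with data to send, so it has to recreate the SA itself
    later = SA_LIFETIME + 1.0
    second = send(server, "ftp/server.example.org", client, "user@EXAMPLE.ORG", now=later)
    return first.initiated_by, second.initiated_by, first.alive(later)


def unknown_principal_rejected() -> bool:
    """Naming a Responder identity the host does not hold is refused."""
    client = Host("workstation", {"user@EXAMPLE.ORG"})
    server = Host("server", {"ftp/server.example.org"})
    try:
        establish(client, "user@EXAMPLE.ORG", server, "telnet/server.example.org", 0.0)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(scenario())  # ('user@EXAMPLE.ORG', 'ftp/server.example.org', False)
```

The SA table is keyed by (local identity, remote identity) rather than by host, which is what lets one machine hold an ftp principal and a host principal with separate associations; the role swap falls out of `send` consulting only "do I have a live SA for this pair", never "was I the Initiator last time".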