
Re: Photuris // entities



-----BEGIN PGP SIGNED MESSAGE-----

content-type: text/plain; charset=us-ascii

   In the MLS target scenario, the Responder isn't a "user", it is a
   "secure system".   I don't know any incoming processes that are
   identified with "users".  I don't think of FTP as a "user", even though
   it might run in user space, as it isn't individually controlled by a
   human being.

I think this is an unfortunately limited view of the possibilities.
Kerberos allows you to have multiple distinct "server principals" on a
server, each with a separate cryptographic identity.

Sophisticated applications can and do pick which one they want to talk
to.

   So, the only possible "unauthorized" party would be the Initiator.

I don't think that's a reasonable assumption.

 1) Consider user-oriented network services like X and Zephyr, where
the "server"/"responder" is close to the user, and the "client"/"initiator"
is off on a server machine.  It's not common, but one can have multiple
heads, and multiple X servers, on a single multi-user machine.

 2) If a TCP connection is idle, no packets need to flow.
    If the active security association expires, *either* end might
need or want to recreate it.

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMIajwVpj/0M1dMJ/AQHZqgP+Ltb7ePmze+8AfdZuT1FLqoXkRmUd3g7F
ea7DOKN65PvDH+ZK7AJ7aQZOUxIds3xIXgybWZ+NiYemFAjkf/P0y0ME0it1RCgm
pfGFVWOu6wloXXgj5lmWeSjbxnLtuGwODgA2GQ/HuFEBT0NE3tGVxtvg2yUJj6QR
Bts/X2eiUbE=
=DnrU
-----END PGP SIGNATURE-----
