[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

photuris-06.txt

To: ipsec@ans.net
Subject: photuris-06.txt
From: Ran Atkinson <rja@bodhi.cs.nrl.navy.mil>
Date: Wed, 1 Nov 1995 15:49:42 -0500
Cc: rja@cs.nrl.navy.mil
Reply-To: rja@cs.nrl.navy.mil
Sender: rja@bodhi.cs.nrl.navy.mil

Personal comments on the photuris-06.txt draft, mostly organised
by document section...

1.6:	Please replace the string 	"in Multi-Level Secure
environments,"
	with the string			"for multi-user systems,"

2.0 (2):   It is conceivable that not all ICMP Dest Unreachable,
	Communication Administratively Prohibited messages that are
	received will relate to IPsec.  It is possible that they might
	originate at a Firewall that does not implement IPsec, for
	example.

	   Hence, I'd like to suggest that this text be clarified so
	that an implementation understands that receipt of such an ICMP
	message might be good cause to try Photuris but that it is not
	a "MUST" requirement to try Photuris in that case.

2.4:	   Delete the sentences below because the document should only
	specify mechanism and must not specify policy.  Different sites
	can and will have different policies.  Policies are not
appropriate
	matter for a regular standards-track document.  I  don't yet
	fully understand the new BCP document class, but it is
conceivable
	that one might specify a policy in a BCP style document that is
	separate from the mechanism document.

	...
	"Encryption policy is in the SPI User (sender) direction."
	...
	"Authentication policy is in the SPI Owner (receiver) direction."
	...


	   I don't understand the meaning of the sentence below.  Please
	either clarify it or delete it.  Perhaps you are trying to say
	that "choices are made from the set of offered attributes and
that
	a node does not need to create an SA for each possible
combination
	of offered attributes" ??

		"It is not required that a Security Association be
created
		including every offered attribute, or that a SPI be
created
		for every offered attribute."

3.3:	  I propose rephrasing
		"Instead, the secret SHOULD be changed at the same
		frequency as its Exchange-value."
	  to instead read
		"The Responder secret random value SHOULD be changed at
		the same frequency as its Exchange-value."

4:	Instead of saying "unused", I'd suggest saying "Reserved for
	possible future use" so that folks clearly understand that
	this is not a field that they can play with.  This comment
	repeats throughout the remainder of the draft.

4.1:	How does the Initiator determine the Initiator-Exchange-Value ?
	If this is explained elsewhere in the Photuris spec and I
	missed the explanation, then that means an explicit section
	reference is needed here.

	Which 3 Security Parameter attributes are required ?
	I wonder if this might be trying to say something like:
		"The Initiator-Offered-Attributes MUST include
		at least MD5, DES-CBC, and some certificate."


4.2:    Same comment as for 4.1 about "3 minimum Security Parameter
	attributes". I HAVE read the spec but it is not really clear
	which 3 are mandatory.


B:	Please change "unassigned" to read "Reserved to IANA" for the
	Attribute Type numbers.  It is important that people understand
	that they cannot just take and use these numbers wantonly.

I didn't finish all of the material after 4.2 in draft-06, but think
it is probably sensible to go start on draft-07a (though you won't
get comments from me until Monday at the earliest).

Ran
rja@cs.nrl.navy.mil

Prev by Date: naming
Next by Date: Re: key management information
Prev by thread: naming
Next by thread: Re: photuris-06.txt
Index(es):
- Main
- Thread