
Re: Nodes and Users



I sent this out a few days ago, but I was having some mailer troubles
and it may not have made it.  My apologies to any who have seen it
twice.  (And I apologize even more that I won't be able to reply
to any comments for a few days; I'll be out of town and offline.)

---

For the most part, I'm coming to the conclusion that Photuris per se
is adequate (at least in this respect).  The disagreements seem to be
about naming, which doesn't surprise me, since as I've often said,
I've never yet been in a naming discussion that was at all pleasant --
and most of the unpleasantness comes not just because everyone thinks
they're right, but because everyone *is* right.

I suspect that what's needed is yet another RFC, on Names.  For now,
the Photuris RFC should punt on that issue, and say only that all end
systems SHOULD (or is it MUST?) support multiple local names, and
that all Photuris negotiations MUST specify the names of both parties,
and that the responder MUST reply using a name (and hence key) belonging
to an entity at least as specific as was requested.  The latter language
is intended to support systems that bind a particular key to the
random port number assigned this time, even though the initiator
hasn't asked for that much specificity.  Put another way, if the name
space is lattice-structured, the responder can use any key that is
less than or equal to the requested key.  Another concrete example
would be a response signed by root@foo.bar, when the initiator just
asked for bar.

Or maybe that whole question should be deferred to the naming RFC.

Note that I'm *not* worried about syntax, I'm worried about semantics.
The fact, for example, that IP address can be mapped into the DNS name
space is monumentally uninteresting, because they're in a different
tree than the names, the mapping between the trees is
unauthenticated, and users see names while kernels see addresses.

Btw -- no, I'm not volunteering to write it; apart from the fact that
my writing queue overfloweth, I'm quite certain I don't know the
answer.

		--Steve Bellovin
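The "at least as specific" rule above, as an added illustration that is not part of the original message and not code from the Photuris draft: names are modelled as user@host[:port] over DNS-style labels, and a responder's name is accepted only if it sits at or below the requested name in that lattice (root@foo.bar for a request of bar; a key bound to an ephemeral port for a request of the bare host). The name syntax, the Name type and the function names are assumptions made for this example; the draft's actual name encoding is not specified here.

```python
"""Check that a responder's name is at least as specific as the one requested.

Added example, not code from the Photuris draft or from the message above.
The name model (user@host[:port] over DNS-style labels) and every identifier
below are assumptions for illustration only.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Name:
    labels: Tuple[str, ...]      # DNS-style labels, most specific first: ("foo", "bar")
    user: Optional[str] = None   # e.g. "root"
    port: Optional[int] = None   # an ephemeral port a key may have been bound to


def parse_name(text: str) -> Name:
    """Parse "[user@]host[:port]" into a Name (syntax constructed for this example)."""
    user = None
    port = None
    if "@" in text:
        user, text = text.split("@", 1)
    if ":" in text:
        text, port_text = text.rsplit(":", 1)
        port = int(port_text)
    labels = tuple(label.lower() for label in text.split(".") if label)
    return Name(labels, user, port)


def at_least_as_specific(responder: Name, requested: Name) -> bool:
    """True iff `responder` is <= `requested` in the name lattice.

    Each dimension (host labels, user, port) is a partial order: the
    responder may add detail the initiator did not ask for, but must never
    drop or change detail that the initiator did ask for.
    """
    n = len(requested.labels)
    # Host: the requested labels must be a suffix of the responder's labels
    # ("bar" is satisfied by "foo.bar", but "foo.bar" is not satisfied by "bar").
    if n > len(responder.labels):
        return False
    if responder.labels[len(responder.labels) - n:] != requested.labels:
        return False
    # User: if the initiator named a user, the responder must be that user.
    if requested.user is not None and responder.user != requested.user:
        return False
    # Port: likewise, a requested port binding cannot be dropped or swapped.
    if requested.port is not None and responder.port != requested.port:
        return False
    return True


def accept_response(requested: str, responder: str) -> bool:
    """Initiator-side check: should a reply signed under `responder` be accepted?"""
    return at_least_as_specific(parse_name(responder), parse_name(requested))


if __name__ == "__main__":
    # Constructed sample exchanges, mirroring the two examples in the message.
    for req, resp in [("bar", "root@foo.bar"),      # more specific: accept
                      ("bar", "foo.bar:54321"),     # key bound to this port: accept
                      ("foo.bar", "bar"),           # less specific: reject
                      ("root@foo.bar", "foo.bar")]: # requested user dropped: reject
        print(f"requested {req!r:16} responder {resp!r:16} -> {accept_response(req, resp)}")
```

The check is deliberately one-directional: the initiator decides whether the responder's chosen name (and hence key) refines what it asked for, and nothing here authenticates the name itself; that is exactly the semantics question the message says still needs its own RFC.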

