
editorial on Photuris




Bill,

[My co-chair hat is on]

% I have no idea what you are talking about.  PGP is not supported in the
% base spec.  

Then add it now.  See recent note from Phil Karn to the IPsec
list agreeing this was OK.

% It has been thusly revised:

Either you really don't seem to be willing to cooperate OR you really
don't follow the discussions so far, so I am reluctantly providing
VERY specific guidance on the text.  Please go edit accordingly.

%    Internet Security protects against threats that come from the
%    external network, not from mutually hostile users of the nodes
%    themselves. Any secure multi-user operating system MUST be able to
%    protect its resources from hostile users, and protect one hostile
%    user from damaging the resources controlled by another hostile user.

Delete above paragraph.

%    When required for secure multi-user environments with discretionary
%    access controls, the Photuris Identification can be used to provide
%    separate limited authentication from each user of one node when
%    communicating with another common node. To provide user-oriented
%    keying, the nodes can initiate multiple concurrent Photuris
%    exchanges. These may provide separate user Identification from the
%    Initiator to the Responder in each direction.

Rephrase "secure multi-user environments" to "multi-user environments"
in the above.  

%    Each secure multi-user operating system MUST be capable of
%    separately maintaining multiple Identification Exchange SPI values
%    for each Value Exchange calculated shared-secret. It is the
%    responsibility of the Source to internally segregate the
%    shared-secret and different session-keys provided per Destination,
%    and select an appropriate SPI for each datagram transmission.

Rephrase "secure multi-user operating system" to "multi-user operating
system" (or if you prefer "multi-user operating systems having
discretionary access controls") in the above.

% And in the implementation notes:

%    Successful use of user-oriented keying requires a significant level
%    of operating system support. If the operating system has a security
%    vulnerability, then there is no basis for separate user-oriented
%    keying.

Delete the word "significant".  We built it in BSD already and it is
_NOT_ that hard to do, sorry.

%    Use of multi-user segregated exchanges likely requires added
%    functionality in the transport API of the implementation operating
%    system. Such a mechanism is outside the scope of this document.

Replace "likely" with "might" in the above.

%    It has been suggested that the Photuris exchange could also be
%    established between particular application or transport processes
%    associated with a user of a node. Such a mechanism is emphatically
%    outside the scope of this document.

Delete above paragraph.

Thanks very much.

Ran
rja@cs.nrl.navy.mil

Co-chair, IP Security WG




