Re: challenges for the IPSEC group

[bmanning@isi.edu]

> We do need to pick a certificate format -- and that won't be easy,
> especially given the feelings on that subject.  (The IETF has two
> different working groups on the topic.)  If the certificates can
> have multiple signatures, we need some way to turn this signature
> graph into an authorization list.  For example, I may wish to allow
> John Gilmore access to my system.  But I'd should, perhaps, be a mite
> suspicious if what purported to be his certificate were signed by
> Louis Freeh.  But what if it's also signed by Jeff Schiller, using
> a key I know to be valid?  Or what if there are three levels of
> unknown and circular indirection in there?  How do I build an ACL
> that captures the proper policy?  As has been noted, a simple tree
> has operational advantages, but it's not at all clear that we can
> or should restrict ourselves to such a structure.

	I noted in one mtg or other that perhaps one method would
	be to co-opt some of the work being done in the RPS wg.
	They are developing a policy description language with the
	inital target being routing. I expect that with a couple of
	twists, it could be made applicable here as an authorization
	policy language.

--bill

---

References:

• challenges for the IPSEC group
• From: Steve Bellovin <smb@research.att.com>

---

• Prev by Date: Re: Key Management, anyone?
• Next by Date: Re: Key Management, anyone?
• Prev by thread: challenges for the IPSEC group
• Next by thread: Re: challenges for the IPSEC group
• Index(es):
  • Main
  • Thread