policy versus protocol
> Date: Wed, 23 Apr 1997 13:00:19 -0400
> From: ho@earth.hpc.org (Hilarie Orman)
> I'd thought the goal of the group was to protect the Internet
> environment, i.e. an active attack environment. Thus, it seems to me
> that leaving integrity as an administrator option is contrary to the
> charter of the group.
>
Nobody is talking about leaving _anything_ to an administrator. We are
talking about how to make a _protocol_ specification (bits on a wire)
generic enough to handle current and future needs.
> The conditions for safely dispensing with integrity are very narrow,
> i.e. one of
>
> 1. Physical impossibility of active attacks (NB analysis must be
> end-to-end)
> 2. Encryption method has strong internal integrity (not DES)
> 3. Connection limited to use by applications with strong
> internal integrity
> 4. Attacker can never know or guess ciphertext/plaintext pairs
> from observed traffic
>
This is good (although I'd put #2 first), and should be in the
architecture document!
Then, implementors can read the architecture to decide what threat
scenarios apply to their product.
This is supposed to be a protocol Working Group, not a policy debate
group. Document the applicability, and let the implementors make the
choices.... For example, only the implementor knows whether the
encryption method includes integrity.
WSimpson@UMich.edu
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2
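The following is an added illustration of condition #2 in the quoted list, not code from this thread or from any IPsec implementation. It assumes a toy SHA-256 counter-mode stream cipher standing in for an encryption-only transform, and HMAC-SHA256 standing in for an integrity check; neither construction is mentioned in the message. A receiver that only decrypts has no way to tell a modified packet from a genuine one; one that also verifies an integrity tag rejects it.

```python
import hashlib
import hmac

# Constructed sample keys, IV and payload for the demonstration (not real traffic).
ENC_KEY = bytes(range(32))
MAC_KEY = bytes(range(32, 64))
IV = bytes(8)
PAYLOAD = b"sequence 1: status=ok"
TAG_LEN = 32


def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Illustrative counter-mode keystream from SHA-256 (assumption: a stand-in
    for any cipher with no internal integrity, i.e. the 'not DES' case)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_only(key: bytes, iv: bytes, data: bytes) -> bytes:
    """XOR with the keystream; used for both directions since XOR is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, iv, len(data))))


def seal_with_integrity(enc_key: bytes, mac_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: ciphertext followed by an HMAC-SHA256 tag over IV || ciphertext."""
    ct = encrypt_only(enc_key, iv, plaintext)
    tag = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return ct + tag


def open_with_integrity(enc_key: bytes, mac_key: bytes, iv: bytes, sealed: bytes):
    """Verify the tag first; return None (reject) if the packet was altered in transit."""
    ct, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return encrypt_only(enc_key, iv, ct)


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Model an active attacker changing one bit of a packet on the wire."""
    d = bytearray(data)
    d[byte_index] ^= 1 << bit
    return bytes(d)


def demo() -> dict:
    """Compare the two receivers when the same single-bit change is applied."""
    # Encryption-only receiver: decryption 'succeeds' and silently yields altered data.
    ct = encrypt_only(ENC_KEY, IV, PAYLOAD)
    recovered = encrypt_only(ENC_KEY, IV, flip_bit(ct, 0, 0))

    # Receiver with an integrity check: the same change is detected and dropped.
    sealed = seal_with_integrity(ENC_KEY, MAC_KEY, IV, PAYLOAD)
    tampered_result = open_with_integrity(ENC_KEY, MAC_KEY, IV, flip_bit(sealed, 0, 0))
    genuine_result = open_with_integrity(ENC_KEY, MAC_KEY, IV, sealed)

    return {
        "round_trip_ok": encrypt_only(ENC_KEY, IV, ct) == PAYLOAD,
        "recovered_matches_original": recovered == PAYLOAD,
        "flip_lands_on_plaintext": recovered[0] == PAYLOAD[0] ^ 1,
        "integrity_rejects_tampered": tampered_result is None,
        "integrity_accepts_genuine": genuine_result == PAYLOAD,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The encryption-only path never raises an error, which is the whole problem: a downstream application receives a changed payload with no signal that anything happened, so unless the application brings its own integrity (condition #3) or the attacker can be physically excluded (condition #1), the receiver must carry the check itself.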