
Re: is manual keying mandatory



I am in total agreement with Dan and Steve. If someone wants to commercialize
manual keying - you need to start with SKIX IETF WG first (Symmetric Key
Infrastructure Architecture), similar to PKIX, or use standards like X.17, etc. for
key distribution and management - and I wish you lots of luck with it!

But if someone wants to use manual keying for diagnostics only - go ahead - and
differentiate your product in the marketplace, but don't drag me into it by
mandating this useful, but IMHO optional capability.

Slava Kavsan
IRE

Daniel Harkins wrote:

>   A certain paranoid individual (guess who) once told me that he would trust
> an armed military courier delivering keys created from a known and trusted
> random source more than he would trust the output of a Diffie-Hellman exchange.
> There's not many of these people (or maybe there are and I just hang around
> with the wrong crowd) but that's a use of manual keying.
>
>   The insecurity of manual keying would depend on the implementation and
> the general security of the box it's running on.
>
>   Actually, considering that most commercial implementations aren't going
> to let buyers look under the hood, paranoia of that sort might not be all
> that unfounded. People could cut corners in their random number generator
> or lessen the size of their Diffie-Hellman exponential to speed up
> exponentiation. If you're really paranoid and/or have extremely sensitive
> data to protect and you don't have absolute trust in your vendor then
> manual keying might make sense.
>
>   Dan.
>
> > Could somebody planning a *commercial* IPSec implementation which actually
> > uses manual keying spend a few minutes and tell us the details of
> > transmittal and storage of keys, etc.? Could they also discuss any
> > "insecurities" inherent in the problem? Or is manual keying in the spec only
> > for diagnostic sorts of images and bakeoffs?





