[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: Last Call: Security Architecture for the Internet Protocol to]




-- BEGIN included message

Paul Koning wrote:

>  Scott> The amount of MUSTs in the current spec are necessary if you
>  Scott> want your network to be SSSSEEEECCCCUUURRRREEE.
>
> Do you really believe that?  If so, I'm worried.
>
> In fact, a big security spec is less likely to be secure than a small
> one, given that the number of bugs increases with size (often more
> than linearly).
>

I've apologized elsewhere for the tone of my post. My underlying
motivation for the comments above is partly that this 'spec' has been
worked on by some of the world's foremost security people, and I am
confident that most of the unnecessary junk has already been cut from the
design. I am not a security expert (yet), so I may be incorrect. However,
viewing many of the names on this list in the appropriate historical
perspective lends credence to the notion that, for the most part, this
protocol suite has been very well thought out. As mentioned in related
posts, time will tell.


-- END included message