[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: inbound policy verification

To: Lewis McCarthy <lmccarth@cs.umass.edu>
Subject: Re: inbound policy verification
From: Henry Spencer <henry@spsystems.net>
Date: Tue, 29 Sep 1998 18:46:26 -0400 (EDT)
cc: IPsec WG List <ipsec@tis.com>
In-Reply-To: <36113326.4EF60AA4@cs.umass.edu>
Sender: owner-ipsec@ex.tis.com

> IMHO having a very permissive wildcarded entry at the end of the SPD can be 
> slightly risky, from a s/w engineering perspective.

And as was pointed out in one of the "trust" sessions at the Chicago IETF,
such non-monotonic specifications ("everybody except Joe gets to change
the file") are also relatively difficult to formally reason about, because
adding a credential can reduce permissions.

They are, unfortunately, also very useful.

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)

References:

Re: inbound policy verification

From: Lewis McCarthy <lmccarth@cs.umass.edu>

Prev by Date: Re: inbound policy verification
Next by Date: Re: multiple payloads via "ID_LIST"
Prev by thread: Re: inbound policy verification
Next by thread: Re: inbound policy verification
Index(es):
- Main
- Thread