
RE: Dangling phase 2 SAs (was RE: issues from the bakeoff)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The issue of dangling phase 2 SAs seems to have created a camp that
believes that when a certificate is revoked, a compromise has
occurred, and therefore any phase 2 SAs created under the phase 1 SA
with a now revoked certificate as the authentication mechanism should
be removed.

Point 1: Compromise? What compromise?

There are many reasons to revoke a certificate that in no way
invalidate authorizations that certificate performed prior to the
revocation. For example, an employee leaves a company, the company
revokes that employee's certificate. Actions that employee took while
still employed are still valid.

Point 2: That compromise didn't hurt this old SA.

If a compromise occurs on a phase 1 authorization mechanism (such as:
private key stolen or shared secret blurted out in the throes of
passion), obviously, the phase 2 SAs under that mechanism created
_after_ the compromise are suspect :-).

But, the phase 2 SAs created _prior_ to the compromise are not
suspect if perfect forward secrecy is used (and the Phase 1 SAs get
deleted ASAP). The phase 2 SAs may not even be suspect if perfect
forward secrecy is not used as long as the host whose authorization
is in question is not compromised.

- -Michael Heyman

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1b23

iQA/AwUBN2pShrXbkJfuXzRQEQIMBgCgvfNKs6RbPoVS5itT2BKbEcuzwJEAn0/Y
y8cH7gP/TPTXWz6h/0LTqta5
=8Yuv
-----END PGP SIGNATURE-----
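The key-derivation dependency behind Point 2, as an added example that is not part of the original message or of any IKE implementation: a toy model of RFC 2409 quick mode KEYMAT derivation, with and without PFS, followed by an attacker who later obtains the phase 1 keying material SKEYID_d (the phase 1 SA was not deleted, or the host state was dumped) together with a recording of the quick mode exchange. Assumptions: HMAC-SHA1 stands in for the negotiated prf, the Diffie-Hellman group is a small Mersenne prime chosen only for illustration (not an IKE MODP group), and all nonces, SPIs and exponents are constructed at random for the run.

```python
"""Toy model of IKEv1 (RFC 2409) phase 2 key derivation, with and without
perfect forward secrecy, showing what a later phase 1 compromise hands an
attacker who recorded the quick mode exchange. Example code, not from the
original message or any IKE implementation."""
import hmac
import hashlib
import secrets

# Toy Diffie-Hellman parameters (assumption: a small Mersenne prime for
# illustration only; real IKE uses the MODP groups of RFC 2409).
TOY_P = 2**61 - 1
TOY_G = 3


def prf(key, data):
    # RFC 2409 prf with the SHA-1 hash attribute is HMAC-SHA1.
    return hmac.new(key, data, hashlib.sha1).digest()


def dh_keypair():
    x = secrets.randbelow(TOY_P - 2) + 1      # private exponent
    return x, pow(TOY_G, x, TOY_P)            # (private, public g^x)


def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, TOY_P).to_bytes(8, "big")


def quick_mode_keymat(skeyid_d, protocol, spi, ni, nr, gqm_xy=None):
    """KEYMAT as in RFC 2409 section 5.5:
       without PFS: prf(SKEYID_d, protocol | SPI | Ni_b | Nr_b)
       with PFS:    prf(SKEYID_d, g(qm)^xy | protocol | SPI | Ni_b | Nr_b)"""
    body = bytes([protocol]) + spi + ni + nr
    if gqm_xy is not None:
        body = gqm_xy + body
    return prf(skeyid_d, body)


def run_phase2(skeyid_d, pfs):
    """Simulate one quick mode exchange. Returns (keymat, wire), where wire
    is everything a passive observer on the path records."""
    protocol, spi = 3, secrets.token_bytes(4)          # 3 = PROTO_IPSEC_ESP
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    wire = {"protocol": protocol, "spi": spi, "ni": ni, "nr": nr}
    if not pfs:
        return quick_mode_keymat(skeyid_d, protocol, spi, ni, nr), wire
    xi, gi = dh_keypair()
    xr, gr = dh_keypair()
    wire["gi"], wire["gr"] = gi, gr                     # KE payloads are public
    keymat = quick_mode_keymat(skeyid_d, protocol, spi, ni, nr,
                               dh_shared(xi, gr))
    # Both peers discard xi and xr once KEYMAT is derived; nothing retains them.
    return keymat, wire


def attacker_recovers(skeyid_d, wire):
    """Attacker later learns SKEYID_d (phase 1 compromise) and holds the
    recording. Without a quick mode private exponent, PFS KEYMAT is out
    of reach; without PFS, SKEYID_d plus the public fields is enough."""
    if "gi" in wire:
        return None    # would need xi or xr, which were never stored or sent
    return quick_mode_keymat(skeyid_d, wire["protocol"], wire["spi"],
                             wire["ni"], wire["nr"])


def old_sa_exposed(pfs):
    """True if a later phase 1 compromise exposes the old phase 2 keys."""
    skeyid_d = secrets.token_bytes(20)    # phase 1 derived keying material
    keymat, wire = run_phase2(skeyid_d, pfs)
    return attacker_recovers(skeyid_d, wire) == keymat


if __name__ == "__main__":
    print("old phase 2 keys exposed without PFS:", old_sa_exposed(pfs=False))
    print("old phase 2 keys exposed with PFS:   ", old_sa_exposed(pfs=True))
```

The model makes the two halves of the argument concrete: with PFS the quick mode keys depend on an exponent that no longer exists anywhere, so a later loss of the phase 1 state cannot reach them; without PFS they are a pure function of SKEYID_d and fields that were sent in the clear, which is why "delete the phase 1 SA ASAP" and "the host itself is not compromised" are the conditions the message attaches to the non-PFS case.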