FW: Dangling phase 2 SAs (was RE: issues from the bakeoff)
My response to Michael's private email was sent before his post to the list
appeared...
-----Original Message-----
From: Tim Jenkins
Sent: June 18, 1999 10:18 AM
To: 'Heyman, Michael'
Subject: RE: Dangling phase 2 SAs (was RE: issues from the bakeoff)
> -----Original Message-----
> From: Heyman, Michael [mailto:Michael_Heyman@nai.com]
> Sent: June 18, 1999 10:10 AM
> To: 'Tim Jenkins'
> Subject: RE: Dangling phase 2 SAs (was RE: issues from the bakeoff)
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The issue of dangling phase 2 SAs seems to have created a camp that
> believes that when a certificate is revoked, a compromise has
> occurred, and therefore any phase 2 SAs created under the phase 1 SA
> with a now revoked certificate as the authentication mechanism should
> be removed.
>
> Point 1: Compromise? What compromise?
>
> There are many reasons to revoke a certificate that in no way
> invalidate authorizations that certificate performed prior to the
> revocation. For example, an employee leaves a company, the company
> revokes that employee's certificate. Actions that employee took while
> still employed are still valid.
I don't think system administrators would agree with you here. If an
employee leaves a company, he/she is supposed to leave behind all access to
that company's assets. The longer SAs are left up after this point, the
greater the exposure.
Yes, it's a different kind of compromise than key material or
authentication, but it's a compromise nonetheless.
>
> Point 2: That compromise didn't hurt this old SA.
>
> If a compromise occurs on a phase 1 authorization mechanism (such as:
> private key stolen or shared secret blurted out in the throes of
> passion), obviously, the phase 2 SAs under that mechanism created
> _after_ the compromise are suspect :-).
>
> But, the phase 2 SAs created _prior_ to the compromise are not
> suspect if perfect forward secrecy is used (and the Phase 1 SAs get
> deleted ASAP). The phase 2 SAs may not even be suspect if perfect
> forward secrecy is not used as long as the host whose authorization
> is in question is not compromised.
Yes, you're right, but this isn't the kind of compromise I'm trying to
minimize.
I'm trying to minimize the unauthorized access window.
>
> - -Michael Heyman
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.5.1b23
>
> iQA/AwUBN2pSD7XbkJfuXzRQEQI6XwCcCog8f6jE/CaMrMut3dIOg/vFB6UAoORS
> LTC7i6XlGKC2gFREN0P0WMdS
> =DYTO
> -----END PGP SIGNATURE-----
>
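The three positions in the exchange above (tear down every phase 2 SA under the revoked phase 1 SA, leave them dangling until their lifetime runs out, or delete only those negotiated after the suspected compromise) can be made concrete with a small SA-database model. The following is an added illustration written for this archive page; it is not code from either correspondent or from any IKE implementation, and the SPIs, peer name, certificate serial, timestamps and lifetimes in the scenario are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Phase1SA:
    spi: str
    peer: str
    cert_serial: str       # serial of the certificate that authenticated the peer
    established_at: float  # seconds; the demo below uses constructed timestamps


@dataclass
class Phase2SA:
    spi: str
    parent_spi: str        # phase 1 SA under which this SA was negotiated
    established_at: float
    lifetime: float        # seconds until it expires if it is never rekeyed


class SADatabase:
    """Minimal SA database: phase 1 and phase 2 SAs, each keyed by SPI."""

    def __init__(self) -> None:
        self.phase1: Dict[str, Phase1SA] = {}
        self.phase2: Dict[str, Phase2SA] = {}

    def add_phase1(self, sa: Phase1SA) -> None:
        self.phase1[sa.spi] = sa

    def add_phase2(self, sa: Phase2SA) -> None:
        if sa.parent_spi not in self.phase1:
            raise ValueError("a phase 2 SA needs a live phase 1 SA to be negotiated under")
        self.phase2[sa.spi] = sa

    def children_of(self, p1_spi: str) -> List[Phase2SA]:
        return [c for c in self.phase2.values() if c.parent_spi == p1_spi]

    def revoke_certificate(self, cert_serial: str, policy: str,
                           compromise_time: Optional[float] = None) -> List[str]:
        """Delete every phase 1 SA authenticated with the revoked certificate and
        apply one policy to the phase 2 SAs negotiated under it:

          "cascade": delete all of them (shortest unauthorised-access window)
          "dangle":  keep them; they can no longer be rekeyed, so they die at
                     the end of their lifetime
          "since":   delete only those established at or after compromise_time
                     (earlier ones are not suspect when PFS was used)

        Returns the SPIs that were removed.
        """
        if policy not in ("cascade", "dangle", "since"):
            raise ValueError(f"unknown policy {policy!r}")
        if policy == "since" and compromise_time is None:
            raise ValueError('policy "since" needs a compromise_time')
        removed: List[str] = []
        affected = [sa for sa in self.phase1.values() if sa.cert_serial == cert_serial]
        for p1 in affected:
            for child in self.children_of(p1.spi):
                suspect = (policy == "cascade" or
                           (policy == "since" and child.established_at >= compromise_time))
                if suspect:
                    del self.phase2[child.spi]
                    removed.append(child.spi)
            del self.phase1[p1.spi]
            removed.append(p1.spi)
        return removed

    def can_rekey(self, p2_spi: str) -> bool:
        """A phase 2 SA can only be rekeyed while its phase 1 parent still exists."""
        return self.phase2[p2_spi].parent_spi in self.phase1

    def exposure_window(self, p2_spi: str, now: float) -> float:
        """Seconds a dangling phase 2 SA can still carry traffic before it expires."""
        sa = self.phase2[p2_spi]
        return max(0.0, sa.established_at + sa.lifetime - now)


def build_scenario() -> SADatabase:
    """Constructed scenario: one phase 1 SA with peer 'alice' authenticated by
    certificate serial 0x1234, and two phase 2 SAs under it, one negotiated
    before and one after an assumed compromise at t=1000."""
    db = SADatabase()
    db.add_phase1(Phase1SA("ike-1", "alice", "0x1234", established_at=0.0))
    db.add_phase2(Phase2SA("esp-early", "ike-1", established_at=100.0, lifetime=3600.0))
    db.add_phase2(Phase2SA("esp-late", "ike-1", established_at=1200.0, lifetime=3600.0))
    return db


def remaining_after_revocation(policy: str) -> List[str]:
    """Phase 2 SPIs still present after revoking 0x1234 under the given policy."""
    db = build_scenario()
    db.revoke_certificate("0x1234", policy, compromise_time=1000.0)
    return sorted(db.phase2)


if __name__ == "__main__":
    for pol in ("cascade", "dangle", "since"):
        print(pol, remaining_after_revocation(pol))
```

Under "dangle" the phase 2 SAs survive but `can_rekey` turns false the moment the phase 1 SA goes away, so the exposure window Tim is concerned about is bounded by the remaining phase 2 lifetime; "since" is the PFS argument from Michael's point 2 expressed as a timestamp comparison.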