[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bruce Schneier on IPsec



>  fyi,
>  
>  http://www.counterpane.com/ipsec.pdf
>  http://www.counterpane.com/ipsec.ps.zip

Snippets aside, the paper raises a lot of important questions, and it
would be worthwhile to step back from the details of IPsec to talk
about them.

The paper includes political, technical, and expository challenges to
the current IPsec.  I'll give a sample of each:

1.  Political:  Would we get better results with a process modeled on
    the NIST AES competition, rather than the current IETF committee
    process?

2.  Technical:  Could the protocols be simplified greatly without
    undermining their usefulness?  For instance,

    -  could transport mode be eliminated?
    -  could AH be scrapped in favor of ESP with authentication? 
    -  could ISAKMP and IKE be significantly simplified, sharpened,
       and disentangled from each other?  

3.  Expository:  Where is it explained what the overall security goals
    of the IPsec enterprise are, and how all the ingredients fit
    together to meet those security goals?

It may be that the authors are ill-informed or misinformed or
misguided in some of their comments.  But that could also be a good
reason to discuss the paper here!  

By the way:  The paper has in fact two authors, Niels Ferguson and
Bruce Schneier.  

	Joshua 

--
	Joshua D. Guttman		<guttman@mitre.org> 
	MITRE, Mail Stop A150 
	202 Burlington Rd.		Tel:	+1 781 271 2654
	Bedford, MA 01730-1420 USA	Fax:	+1 781 271 3816



Follow-Ups: References: