
Re: Bruce Schneier on IPsec



On Wed, 19 Jan 2000, Jan Vilhuber wrote:
> What I find galling is that the authors could have been part of the working
> group all this time, when in fact they weren't. To then come at the group
> after all these years and nit pick it to death is not appropriate.

To analyze the results of the group's work is surely legitimate.  Indeed,
it is highly desirable to have such analysis done by people who were *not*
part of the standard-development process.  IPSEC is currently at Proposed
Standard status, last I looked, which is precisely the point where such
detailed critiques by non-participants are appropriate -- the protocols
are believed to have settled down but are not yet deemed fully mature. 

> Especially considering that a lot of what they point out has already been
> discussed, and, in some cases, rejected. Not many of the points made are, in
> fact, new or unknown to the working group.

And where, exactly, are these written up in a form intelligible to non-WG
observers?  In a fairly strong sense, it does not *MATTER* whether the WG
has discussed them, if that discussion, its reasoning, and its conclusions
are not openly and readably documented.  For some protocols, a "trust us,
this is right" approach is at least defensible; for security protocols, it
isn't. 

> And it is my humble opinion that the authors don't fully understand the
> protocol, nor indeed some of the special challenges of networking...

I wouldn't be surprised; in fact, the authors admit as much in some
places.  But whose fault is that?  The IPSEC spec is better than it used
to be, but it's still pretty bad.  Most notably, as F&S observe, it is
glaringly deficient precisely in explaining *why* it does things the way
it does.  Again, this is a situation which might be tolerable in some
contexts but is unacceptable in the Internet's central security protocol. 

                                                          Henry Spencer
                                                       henry@spsystems.net


