
Re: SOI: identity protection and DOS



0 check, blind trust.  :-)
--- David

----- Original Message -----
From: "Hugo Krawczyk" <hugo@ee.technion.ac.il>
To: "Sara Bitan" <sarab@cs.Technion.AC.IL>
Cc: "Michael Thomas" <mat@cisco.com>; "Henry Spencer" <henry@spsystems.net>;
"ipsec list" <ipsec@lists.tislabs.com>
Sent: Tuesday, November 27, 2001 12:16 PM
Subject: Re: SOI: identity protection and DOS


>
> I think that this observation by Sara is important:
>
> >
> > An insecure certificates deployment will be much more harmful than a
> > *correct* and useful pre-shared key authentication mode.
>
> For those that cite SSH as an example: much of the success of SSL
> and SSH is based on the permissiveness with which people USE public
> keys and certificates in these protocols (who reads certificate-related
> pop-up warnings in https?  how many consciously check a PK in a first
> SSH handshake?)
>
> We want IPsec to succeed but not to "imitate" the above SSL and SSH
> usage weaknesses.
>
>
> Hugo
>
> >
> >
> On Mon, 26 Nov 2001, Sara Bitan wrote:
> >
> > Pre-shared keys do not require extra messages.
> > The P-SIGMA protocol requires just three messages, like SIGMA.
> >
> > I think pre-shared keys authentication is a requirement, and it doesn't
> > necessarily imply huge overhead. There are several good (and popular)
> > protocols out there that supply shared keys to two parties.
> > I know that in the real world certificates are not as popular and widely
> > used as we would like them to be. An insecure certificates deployment will
> > be much more harmful than a *correct* and useful pre-shared key
> > authentication mode.
> >
> >  Sara
>
>
>
>
>

