[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Please kill preshared key.
Just a random thought,
Would it help if we changed the terminology from Pre-Shared Key to
Pre-Shared Information, as it seems that is all end-users care about. The
type of the information (be it key or self-signed cert) that is shared
should be of little interest to an end-user, so long as the performance and
security characteristics are acceptable. All that is interesting to the
end-user is that the ease of set-up obtained by being able to pre-share
information with out engaging a third party.
I think using PSK and PKI as terms may be feeding confusion, especially
since using pre-shared certificates is not what most consider a Public Key
Infrastructure.
Food for thought,
Jon
-----Original Message-----
From: Marcus D. Leech [mailto:mleech@nortelnetworks.com]
Sent: Friday, December 07, 2001 11:21 AM
To: Jan Vilhuber
Cc: Bill Sommerfeld; ipsec@lists.tislabs.com
Subject: Re: Please kill preshared key.
The current PSK methods in IKEv1 lead to some horrible, insecure hacks
in real
implementations/deployments.
I know of at least one VPN/Road-Warrior implementation where the server
uses
PSK to authenticate itself to a client--but it uses the SAME PSK for
every
member of a "group", where groups are very large. This means that
anyone in
the group can pretend to be a server to any other member of the group.
This wouldn't happen in a self-signed PK-style pre-share. The
client adds the PK self-signed pre-share to their "trusted" list, and
only the real server (possessor of the private key) can convince a
client
of its authenticity.
If symmetric PSKs are kept, it had better be possible to do it right,
and
rather hard to do it wrong.