RE: Please kill preshared key.

[Jon Sjoberg x 158 <jsjoberg@toplayer.com>]

Just a random thought,

Would it help if we changed the terminology from Pre-Shared Key to
Pre-Shared Information, as it seems that is all end-users care about.  The
type of the information (be it key or self-signed cert) that is shared
should be of little interest to an end-user, so long as the performance and
security characteristics are acceptable.  All that is interesting to the
end-user is that the ease of set-up obtained by being able to pre-share
information with out engaging a third party.

I think using PSK and PKI as terms may be feeding confusion, especially
since using pre-shared certificates is not what most consider a Public Key
Infrastructure.

Food for thought,
Jon

-----Original Message-----
From: Marcus D. Leech [mailto:mleech@nortelnetworks.com]
Sent: Friday, December 07, 2001 11:21 AM
To: Jan Vilhuber
Cc: Bill Sommerfeld; ipsec@lists.tislabs.com
Subject: Re: Please kill preshared key.


The current PSK methods in IKEv1 lead to some horrible, insecure hacks
in real
  implementations/deployments.

I know of at least one VPN/Road-Warrior implementation where the server
uses
  PSK to authenticate itself to a client--but it uses the SAME PSK for
every
  member of a "group", where groups are very large.  This means that
anyone in
  the group can pretend to be a server to any other member of the group.
  This wouldn't happen in a self-signed PK-style pre-share.  The
  client adds the PK self-signed pre-share to their "trusted" list, and
  only the real server (possessor of the private key) can convince a
client
  of its authenticity.

If symmetric PSKs are kept, it had better be possible to do it right,
and
  rather hard to do it wrong.

---

• Prev by Date: Re: Some comments on JFK
• Next by Date: RE: Son-of-IKE Selection Criteria?
• Prev by thread: RE: Please kill preshared key.
• Next by thread: RE: Please save the pre-shared key mode
• Index(es):
  • Main
  • Thread