
Re: Should Alice say who she wants to talk to?



On Mon, 17 Dec 2001, Bill Sommerfeld wrote:
> > Does each one of the services/ the hosts behind the firewall have a distinct
> > private/public key pair?
> 
> potentially, yes.

In particular, this potentially makes recovery from key compromise much
less disruptive, because compromise and recovery affect the users of only
one service/host. 

It's definitely preferable for a server to be able to authenticate itself
as the provider of a particular service.  For example, for our
Opportunistic Encryption (draft-richardson-ipsec-opportunistic-03.txt), we
would much prefer to have a separate authentication key for each host the
security gateway might represent, but we can't do that with IKE because in
Phase 1, the responding security gateway doesn't yet know which host we
want a connection to.

                                                          Henry Spencer
                                                       henry@spsystems.net
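The key-selection problem Henry describes, as an added toy model that is not part of this thread or of the Opportunistic Encryption draft: a security gateway holds one key per host it represents plus a gateway-wide key, and the responder can only authenticate as a specific host if the initiator's first message names that host. Host names, the gateway name and all keys are constructed, and HMAC tags stand in for the public-key signatures a real IKE exchange would use.

```python
import hashlib
import hmac
import secrets

# Constructed names; HMAC tags stand in for public-key signatures.
HOSTS = ["www", "mail", "ftp"]


class Gateway:
    """A security gateway answering IKE-style Phase 1 on behalf of several hosts."""

    def __init__(self, name, hosts):
        self.name = name
        self.gateway_key = secrets.token_bytes(32)                     # one key for the whole gateway
        self.host_keys = {h: secrets.token_bytes(32) for h in hosts}   # one key per represented host

    def choose_identity(self, requested_host):
        """Pick the identity and key the responder authenticates with.

        With no hint about the wanted host (the Phase 1 situation described in the
        thread) the gateway can only speak as itself; with a hint it can use the
        host's own key.
        """
        if requested_host is None:
            return self.name, self.gateway_key
        return requested_host, self.host_keys[requested_host]

    def respond(self, transcript, requested_host=None):
        identity, key = self.choose_identity(requested_host)
        tag = hmac.new(key, identity.encode() + transcript, hashlib.sha256).digest()
        return identity, tag


class Initiator:
    """Holds trust anchors (identity -> key) and a revocation list."""

    def __init__(self, trusted):
        self.trusted = dict(trusted)
        self.revoked = set()

    def revoke(self, identity):
        self.revoked.add(identity)

    def verify(self, identity, tag, transcript):
        if identity in self.revoked or identity not in self.trusted:
            return False
        expected = hmac.new(self.trusted[identity], identity.encode() + transcript,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def build_pair(hosts=HOSTS):
    """Constructed gateway plus an initiator that trusts all of its keys."""
    gw = Gateway("gw.example", hosts)
    trusted = {gw.name: gw.gateway_key, **gw.host_keys}
    return gw, Initiator(trusted)


def authenticate(gw, init, requested_host):
    """Run one exchange; returns (identity the responder proved, verification result)."""
    transcript = secrets.token_bytes(16)   # stands in for the Phase 1 nonces and DH values
    identity, tag = gw.respond(transcript, requested_host)
    return identity, init.verify(identity, tag, transcript)


def blast_radius(gw, init, compromised_identity, per_host):
    """Which hosts still authenticate after one key is compromised and revoked?

    per_host=True models the initiator naming the target host (per-host keys);
    per_host=False models the Phase 1 behaviour from the thread, where only the
    gateway-wide key is usable, so revoking it cuts off every host at once.
    """
    already_revoked = compromised_identity in init.revoked
    init.revoke(compromised_identity)
    survivors = set()
    for h in gw.host_keys:
        _, ok = authenticate(gw, init, h if per_host else None)
        if ok:
            survivors.add(h)
    if not already_revoked:
        init.revoked.discard(compromised_identity)
    return survivors


if __name__ == "__main__":
    gw, init = build_pair()
    print(authenticate(gw, init, None))                            # ('gw.example', True)
    print(blast_radius(gw, init, "www", per_host=True))            # {'mail', 'ftp'}
    print(blast_radius(gw, init, "gw.example", per_host=False))    # set()
```

The last two calls make the recovery argument concrete: with per-host keys, revoking the `www` key leaves `mail` and `ftp` usable, whereas with a single gateway key the compromise takes every represented host down until the gateway is re-keyed.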
