
Re: [saag] Re: IPsec and RSVP



And we're saying that this chain-of-trust is a bad model, because
anyone close to an edge can inject any amount of bogus data into the
network.  Once it's injected, it's even TRUSTED!  One major problem is
that you lose the origin of the request after the first hop, not to
mention the actual request itself.

-derek

"Hannes Tschofenig" <Hannes.Tschofenig@mchp.siemens.de> writes:

> hi
> 
> what do you mean by "in terms of addressing"?
> 
> my understanding of rsvp is:
> rsvp travels hop-by-hop (rsvp capable nodes) from one end-point to another
> (except if you use some rsvp extensions like rsvp proxy etc.). hence "RSVP
> is end-to-end in one direction (sender->receiver)" confuses me somehow. the
> security for rsvp is built on hop-by-hop security based on a chain-of-trust.
> 
> ciao
> hannes
> 
> 
> > -----Original Message-----
> > From: owner-ipsec@lists.tislabs.com
> > [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Melinda Shore
> > Sent: Saturday, May 25, 2002 5:18 PM
> > To: RJ Atkinson; Derek Atkins
> > Cc: SatishK Amara; dong_wei@tsinghua.com; IPsec;
> > Security_Area_Advisory_Group
> > Subject: Re: [saag] Re:
> >
> >
> > At 10:53 AM 5/25/02 -0400, RJ Atkinson wrote:
> > >Hmm.  I would rather say that RSVP is hop-by-hop and
> > >that (normally) AH/ESP are end-to-end.
> >
> > In terms of addressing, RSVP is end-to-end in one
> > direction (sender->receiver) and hop-by-hop in the
> > other (receiver->sender).
> >
> > >However, if one used (for example) AH with an asymmetric algorithm,
> > >one could perform hop-by-hop authentication of the
> > >packet with AH.  This has obvious computational cost
> > >issues so might not be the best choice.
> >
> > The packet payload is going to be modified at each hop,
> > as well, in both directions.
> >
> > Melinda
> 

-- 
       Derek Atkins
       Computer and Internet Security Consultant
       derek@ihtfp.com             www.ihtfp.com
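The two trust models argued over in this thread, as an added worked example that is not part of the original messages or of any RSVP implementation. It models a PATH-like message walking sender -> r1 -> r2 -> receiver: the hop-by-hop chain of trust (one shared key per link, each hop verifies the previous link's MAC, rewrites PHOP and an adspec-style field, and re-MACs for the next link) beside an end-to-end tag over the fields no hop should touch. HMAC-SHA256 with a sender/receiver key stands in for AH between the ends; node names, link keys and field names are constructed assumptions, not RSVP object formats. It shows Derek's point (a compromised edge router, r1, injects a reservation that every downstream hop and the receiver accept, and the receiver can only vouch for r2, not for the claimed origin), the end-to-end variant that rejects the injection, and Melinda's objection (if the end-to-end tag also covers something the hops rewrite, an honest path fails verification).

```python
"""Toy model of hop-by-hop chain-of-trust versus end-to-end authentication
for an RSVP-style PATH message.  Constructed example: node names, link keys
and message fields are assumptions, not RSVP's real object formats."""
import hashlib
import hmac
import json

# Assumption: one pre-shared secret per adjacent pair of RSVP-capable nodes.
LINK_KEYS = {
    ("sender", "r1"): b"link-key-sender-r1",
    ("r1", "r2"): b"link-key-r1-r2",
    ("r2", "receiver"): b"link-key-r2-receiver",
}
# Assumption: a key held only by the two ends (stands in for AH between them).
END_TO_END_KEY = b"end-to-end-key-sender-receiver"
IMMUTABLE = ("origin", "tspec")  # fields no intermediate hop should rewrite


def _tag(key, fields):
    """HMAC-SHA256 over a canonical encoding of the selected fields."""
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def _hop_mac(msg, prev_node, node):
    """Per-link MAC covering everything except the MAC field itself."""
    return _tag(LINK_KEYS[(prev_node, node)],
                {k: v for k, v in msg.items() if k != "hop_mac"})

def originate(origin, tspec, next_node, e2e_scope=None):
    """Sender emits a PATH-like message.  With e2e_scope set it first adds an
    end-to-end tag over those fields, then the MAC for the first link."""
    msg = {"origin": origin, "tspec": tspec, "phop": origin,
           "adspec": {"hops": 0}}  # adspec is rewritten at every hop
    if e2e_scope:
        msg["e2e_tag"] = _tag(END_TO_END_KEY, {k: msg[k] for k in e2e_scope})
    msg["hop_mac"] = _hop_mac(msg, origin, next_node)
    return msg

def relay(msg, prev_node, node, next_node):
    """Honest intermediate node: verify the MAC from prev_node, rewrite the
    per-hop fields (PHOP, adspec) as RSVP does, re-MAC for next_node."""
    if not hmac.compare_digest(msg["hop_mac"], _hop_mac(msg, prev_node, node)):
        raise ValueError(f"{node}: bad MAC from {prev_node}")
    out = dict(msg, phop=node, adspec={"hops": msg["adspec"]["hops"] + 1})
    out["hop_mac"] = _hop_mac(out, node, next_node)
    return out

def receive(msg, prev_node, node="receiver", e2e_scope=None):
    """Returns (accepted, the principal the receiver actually authenticated)."""
    if not hmac.compare_digest(msg["hop_mac"], _hop_mac(msg, prev_node, node)):
        return False, None
    if e2e_scope is None:
        # Chain of trust: only the last link was checked; "origin" is a claim.
        return True, prev_node
    expected = _tag(END_TO_END_KEY, {k: msg[k] for k in e2e_scope})
    if "e2e_tag" in msg and hmac.compare_digest(msg["e2e_tag"], expected):
        return True, msg["origin"]
    return False, None

def _walk(msg, e2e_scope=None):
    """Carry a message sender -> r1 -> r2 -> receiver."""
    msg = relay(msg, "sender", "r1", "r2")
    msg = relay(msg, "r1", "r2", "receiver")
    return receive(msg, "r2", e2e_scope=e2e_scope)

def _bogus_from_r1():
    """r1 is compromised and fabricates a huge reservation "from" sender.
    It legitimately holds the r1-r2 key, so r2 forwards it unchallenged."""
    bogus = {"origin": "sender", "tspec": {"rate_kbps": 10_000_000},
             "phop": "r1", "adspec": {"hops": 1}}
    bogus["hop_mac"] = _hop_mac(bogus, "r1", "r2")
    return relay(bogus, "r1", "r2", "receiver")

def legitimate_hop_by_hop():
    return _walk(originate("sender", {"rate_kbps": 64}, "r1"))

def injected_hop_by_hop():
    # Indistinguishable from the legitimate case: the receiver vouches for r2 only.
    return receive(_bogus_from_r1(), "r2")

def legitimate_end_to_end():
    return _walk(originate("sender", {"rate_kbps": 64}, "r1", IMMUTABLE), IMMUTABLE)

def injected_end_to_end():
    # Same injection, but the receiver now demands the sender's end-to-end tag.
    return receive(_bogus_from_r1(), "r2", e2e_scope=IMMUTABLE)

def end_to_end_over_mutable_fields():
    """A tag that also covers a hop-rewritten field (adspec) fails on an
    honest path, because every hop changes that part of the payload."""
    scope = IMMUTABLE + ("adspec",)
    return _walk(originate("sender", {"rate_kbps": 64}, "r1", scope), scope)
```

Both hop-by-hop walks return (True, "r2"): the chain of trust tells the receiver only that r2 sent it, and the "origin" and tspec it carries are whatever the last compromised hop chose to assert. The end-to-end variant returns (True, "sender") for the honest path and rejects the injection, but only because its scope is limited to fields the hops leave alone; extending it to a field that is rewritten in transit breaks honest traffic, which is the cost of mixing end-to-end integrity with a hop-modified message.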