
Re: SOI QUESTIONS: 2.1 Identity protection questions?



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Theodore" == Theodore Ts'o <tytso@mit.edu> writes:
    Theodore> Protecting *both* the identity of the initiator and the responder against
    Theodore> active attacks is very difficult --- and probably impossible.  In most
    Theodore> cases, the client identity is much more important to protect than the
    Theodore> responder, since often the responder is identified by its DNS name and
    Theodore> fixed IP address.

  Please use different terminology here.
  
  If you wish, you may use "client" and "server" here.

  Initiator and Responder refers to who sends the first keying message.

  Client and Server refers to who is active and who is passive in their
intent to communicate. The initiator is not always the client.

  We are VERY frequently dealing with cases where the client, having no
preconceived policy, may well start communication with the server in the
clear, and the server, having a policy, will initiate to the client in order
to send its reply.

  Some servers have well known DNS names and fixed IP addresses.
  But that does not apply to responders.

- ---

>>>>> "Theodore" == Theodore Ts'o <tytso@mit.edu> writes:
    Theodore> 2.1.A.)  Does SOI need to provide protection against passive
    Theodore> attacks for the initiator?

  YES.

    Theodore> 2.1.B.)  Does SOI need to provide protection against active
    Theodore> attacks for the initiator?

  YES.

    Theodore> 2.1.C.)  Does SOI need to provide protection against passive
    Theodore> attacks for the responder?

  YES.

    Theodore> 2.1.D.)  Does SOI need to provide protection against active
    Theodore> attacks for the responder?

  It is highly desirable, but it is understood that this may be difficult.

  If it cannot be done, then, at the expense of additional exchanges, there
should be a way for the responder to indicate that it wishes to either change
its identity, or to create a sub-exchange in which the identity is different.

  The latter would permit two multi-user systems to authenticate first the
hosts, and later, authenticate on behalf of a particular user. 

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPRAZwYqHRg3pndX9AQEHZAP/SifjpH+A5qDRxAOP8n1jsYld2EM7lf4i
dMz9NbzSk6/yS7Wjdaz9nj+NHJwR8HYHp78MbDmIPlCiejWPKUnNSkHJL3v8SNRv
PxVncj4sbOpPpAv06iaqsN79bHkiMtX81bDqz2AfZtqVOkpYWJiZ84Oo1SOkFZKc
SgNA+cyaGuo=
=cZZH
-----END PGP SIGNATURE-----
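The quoted point at the top of this message, that protecting *both* identities against an active attacker is hard, comes down to the fact that somebody has to reveal an identity first. The toy model below is an added example, not code from the original thread or from any of its authors, and the message flow it uses is an assumed generic one (Diffie-Hellman values first, identities sent under the resulting session key, responder identifying itself only after it has authenticated the initiator), not SOI or IKE. Group parameters, identities and pre-shared keys are constructed for the demonstration. It shows that a passive observer learns neither identity, while an attacker who actively answers the first message learns the initiator's identity but still cannot extract the responder's, because the responder checks a transcript-bound MAC before identifying itself.

```python
"""Toy model of identity protection in a two-party key exchange.

Added example, not from the original thread.  The flow is an assumed generic
one (DH first, identities under the session key, responder identifies itself
only after authenticating the initiator); it is not SOI or IKE.  Group,
identities and pre-shared keys (PSKs) are constructed for the demonstration.
"""
import hashlib
import hmac
import secrets

# Toy DH group: Mersenne prime 2**127 - 1, generator 3.  Far too small for
# real use; it only keeps the example fast and dependency-free.
P = (1 << 127) - 1
G = 3

# Constructed PSKs, indexed by identity.  The responder authenticates an
# initiator with the PSK of the identity the initiator claims.
PSK = {"alice@example.test": b"constructed-psk-alice",
       "bob@example.test": b"constructed-psk-bob"}


def dh_pair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def session_key(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def transcript(first: int, second: int) -> bytes:
    """The two DH public values as a given party saw them, in order."""
    return first.to_bytes(16, "big") + second.to_bytes(16, "big")


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 counter keystream XORed onto data).
    Enough to hide an identity from a passive observer in this model; it is
    not authenticated encryption and not for real use."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, off.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


def pack(identity: bytes, mac: bytes) -> bytes:
    return bytes([len(identity)]) + identity + mac


def id_message(identity: str, seen: bytes, key: bytes) -> bytes:
    """Identity plus a PSK-keyed MAC over the DH transcript the sender saw,
    all hidden under the session key."""
    mac = hmac.new(PSK[identity], seen, hashlib.sha256).digest()
    return keystream_xor(key, pack(identity.encode(), mac))


def open_id_message(blob: bytes, key: bytes):
    plain = keystream_xor(key, blob)
    n = plain[0]
    return plain[1:1 + n].decode(errors="replace"), plain[1 + n:]


def verify(identity: str, mac: bytes, seen: bytes) -> bool:
    psk = PSK.get(identity)
    if psk is None:
        return False
    return hmac.compare_digest(mac, hmac.new(psk, seen, hashlib.sha256).digest())


def run_exchange(init_id: str, resp_id: str, active_attacker: bool = False) -> dict:
    """Run the toy exchange and report what the attacker learned.

    Without an active attacker the observer is passive: it sees DH values and
    ciphertexts but holds no private exponent, so it learns nothing.  With an
    active attacker, message 2 is answered by the attacker, who then tries to
    reach the real responder with what it learned from the initiator."""
    x, gx = dh_pair()                      # msg 1: I -> R
    y, gy = dh_pair()                      # msg 2: R -> I
    learned_init = learned_resp = None

    if active_attacker:
        z, gz = dh_pair()                  # attacker answers msg 1 itself
        k_init = session_key(pow(gz, x, P))
        msg3 = id_message(init_id, transcript(gx, gz), k_init)
        learned_init, mac = open_id_message(msg3, session_key(pow(gx, z, P)))
        # Attacker opens its own exchange to the responder and replays the
        # identity and MAC it just read.  The MAC covers (gx, gz), not what the
        # responder sees, and the attacker holds no PSK to make a fresh one.
        w, gw = dh_pair()
        k_resp = session_key(pow(gw, y, P))
        k_att = session_key(pow(gy, w, P))
        msg3 = keystream_xor(k_att, pack(learned_init.encode(), mac))
        resp_saw = transcript(gw, gy)
    else:
        k_init = session_key(pow(gy, x, P))
        k_resp = session_key(pow(gx, y, P))
        k_att = None
        msg3 = id_message(init_id, transcript(gx, gy), k_init)
        resp_saw = transcript(gx, gy)

    ident, mac = open_id_message(msg3, k_resp)
    accepted = verify(ident, mac, resp_saw)
    if accepted:                           # msg 4: R -> I, only after the check
        msg4 = id_message(resp_id, resp_saw, k_resp)
        if k_att is not None:
            learned_resp, _ = open_id_message(msg4, k_att)
    return {"responder_accepted": accepted,
            "attacker_learned_initiator": learned_init,
            "attacker_learned_responder": learned_resp}
```

Calling `run_exchange("alice@example.test", "bob@example.test")` accepts and leaks nothing; the same call with `active_attacker=True` reports the initiator's identity as learned and the responder's as still hidden, with the responder refusing the forwarded message. Whichever side identifies itself first pays this price, which is why the two sides' identity protection cannot both be made active-attack resistant without extra round trips, such as the sub-exchange described in the message above.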