[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.3 Perfect forward secrecy (PFS)



On Wednesday 19 June 2002 01:54, Michael Richardson wrote:
>>
>>    Theodore> 2.3.A.)  Does SOI need to natively support "legacy
>>   authentication  systems"?
>
>   No. cf. Bellovin Enrollment suggestions.

I don't find that suggestion practical enough to justify following it 
now. The TODAY's reality is -  non-PK auth systems are wide-spread and 
are NOT going away. Not to support it natively simply complicates both 
the protocol and the implementations.

And see below.

>>     Theodore> 2.3.B.)  Does SOI need to natively support some kind of
>>     "shared  secret" scheme?
>
>   Not anymore.

Absolutely yes - "shared secret" is a-must.

>   I believe that it was necessary in IKEv1 because there was no other
>  useful patent free authentication system.

This was not just a patent issue!!  Practically all the remote access 
is based on some kind of non-PK approach.

Technically it is simpler to support non-PK natively, than to have TWO 
interoperable protocols - one to retrieve the "credentials" and the 
other one to actually use them (and then to worry to scramble those 
retrieved credentials - lest somebody else "borrows" 'em later on)...

I understand "PK purists" - but in no way sympathize with their 
position.

>   We should do RSA as common protocol.

You mean "common algorithm", for the protocol cannot care less with 
what crypto function the bit-sequence is signed. I'm against limiting 
the algorithms to RSA-only, or even to PK-only, for the above reasons.

>   We MUST define the ASCII format of the raw RSA keys, and mandate
> that they be loadable to the trusted store.

What if there is no trusted store?  Look outside your concept box.


>   Supporting things like pushing the policy down SHOULD be done.

Yeah, but is this  IKE job?
-- 
Regards,
Uri-David
-=-=-<>-=-=-
<Disclaimer>