[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SOI QUESTIONS: 2.6 Formal proofs of security

To: "Theodore Ts'o" <tytso@mit.edu>, <ipsec@lists.tislabs.com>
Subject: RE: SOI QUESTIONS: 2.6 Formal proofs of security
From: "Stephane Beaulieu" <stephane@cisco.com>
Date: Mon, 24 Jun 2002 10:28:36 -0400
Importance: Normal
In-Reply-To: <E17L5M8-0003XL-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com


>
>
> Please discuss and answer this question.....
>
> 2.6 Formal proofs of security
>
> 2.6.)  Does SOI need to provide a formal proof of security?  (Is this
> a "must have" or a "nice to have"?  What are we willing to trade-off
> for having a formal proof of security?)

I've never heard of any potential users turning away IKEv1 because it
didin't have a formal proof.  Then again, I don't speak to customers on a
daily basis.

A formal proof would be "nice to have", but not if it means rendering the
protocol unuseable.



>
> Implications from the Scenarios:
>
> [none]

References:
- SOI QUESTIONS: 2.6 Formal proofs of security
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: RE: SOI QUESTIONS: 2.4 Number of crypto operations
Next by Date: RE: SOI QUESTION: 3.1 DoS protection
Prev by thread: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Next by thread: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Index(es):
- Date
- Thread