
Re: Last ditch proposal for crypto suites



>>>>> "Charlie" == Charlie Kaufman <Charlie_Kaufman@notesdev.ibm.com> writes:
    Charlie> There is a way to get the best of both worlds (and the worst of
    Charlie> both worlds). The IKEv2 specification could specify how to
    Charlie> negotiate suites and ala carte, where the suites are mandatory
    Charlie> to implement and the ala carte negotiation is optional. If it
    Charlie> turns out that the optimists are right and the number of suites
    Charlie> actually implemented is small, the ala carte might not be
    Charlie> implemented and could fade away. If the pessimists are right and
    Charlie> ala carte was necessary, the ability to negotiate suites adds
    Charlie> only minor complexity to the spec and to implementations.

  There is some additional testing complexity, and/or some wording
complexity.

  Specifically, what if the initiator proposes an "a la carte" of
3DES/MD5/LZS, which happens to be suite #5, and the responder has not
implemented a la carte negotiation?

  Do we mandate that the responder must understand this? I don't think so.

  Or do we mandate that the initiator may not do that? That's complicated
code for the initiator, but at least it is their choice to implement
the a-la-carte stuff.

  Andrew K and I had lunch the other week to talk about ciphersuites.
  We agree that suites are necessary, and should be the primary thing that
is presented to users. 
  Andrew prefers that it is limited to the UI. 

  I am concerned about testing, about bakeoffs, and about cryptanalysis.
  UI ciphersuites can deal with some of this, and Andrew made good points
that the algorithms are rather modular and unit testing can be done
piecemeal. However, testing of hardware does not work that way.

    Charlie> A concrete proposal:

  I like your proposal very much.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [