[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Adding revised identities to IKEv2
Stephen Kent wrote:
> well, access control is an intrinsic feature of IPsec, so we may
> disagree on that point. also, I don't believe that trust and
> authorization are really linked as tightly as you suggest.
Well... There's not much of authorization or trust on IP level,
I think. So the issue is moot for IPsec. But on higher layers?
Say a request (not a packet!) comes from "John Doe". I
authenticated it and am certain it came form him. Now he
is requesting {put your favorite here - a $1M loan, a
peek through the company strategy document, a "format c:"
operation, whatever :-}.
Should the request be granted? How do I decide, based on what?
This is the authorization issue to me. I don't believe it
belongs to IP level.
> the whole
> notion of "trust management" that has arisen over the last few years
> seems to be largely a function of a view that does not acknowledge
> the existence of authoritative sources of authentication data. in the
> physical world we have many such sources, and in cyberspace we have
> several predominant ones, the DNS being the most common example.
I think it came from the desire to proceed from authentication to the
purpose for which the authentication was carried on: what do I do with
this request, now that I know the identity of its initiator?
And again to repeat myself - in IPsec the decision (probably) is very
trivial: if I recognized the key and authenticated the traffic, I can
allow it to enter my box, the rest is an application-level problem.
> are you looking for the SPKI WG mailing list?
>
> I think it died along with the WG :-)
SPKI? What's that? (:-)
But seriously, how do you identify a key on a borrowed laptop roaming
through a foreign domain? [not by IP address and probably not by FQDN]