[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Adding revised identities to IKEv2
Paul Hoffman / VPNC writes:
> At 2:43 PM -0500 11/12/02, Stephen Kent wrote:
> > - two IPsec peers do not necessarily trust one another. they
> >need to communicate securely, but that does not equate to trust in a
> >broader sense. the access controls in IPsec permit each peer to
> >limit the part of the address space to which the other is granted
> >access, and to constrain the protocols that are employed.
>
> Assume you have someone who doesn't let most people communicate with
> them in a particular way, but does let some people communicate with
> them in that particular way after verifying their identity. You are
> saying that that is not "trust"? If so, then we are splitting hairs.
> "I authorize you to do X" means that I trust my method of being sure
> that you are you, and that I trust you to do X correctly and safely.
Paul,
I think the point here is that "trust" doesn't
really bring much to the table in terms of
understanding what's going on, and has a good
potential for muddying the waters. It's a machine
making machine decisions based on its
programming. It doesn't "trust", it makes
decisions based upon cryptographically provable
identity and programmed policy. It's certainly not
making any value judgements like "correctly" or
"safely".
Mike